Recover

After remediating the ransomware infection, rebuild affected systems from trusted media, restore lost data from backups, revert back to normal operations, do a root cause analysis, and report as appropriate to relevant authorities.

Resources

Incident Preparedness and Response

The Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook outlines a framework for health delivery organizations (HDOs) and other stakeholders to plan for and respond to cybersecurity incidents around medical devices, ensure effectiveness of devices, and protect patient safety.

NIST Data Integrity: Recovering

The National Cybersecurity Center of Excellence (NCCoE) at NIST built a laboratory environment to explore methods to effectively recover from a data corruption event in various Information Technology (IT) enterprise environments. NCCoE also implemented auditing and reporting IT system use to support incident recovery and investigations.

Recover

Resources

Incident Preparedness and Response

NIST Data Integrity: Recovering

Pin It on Pinterest