{"id":108150,"date":"2023-02-28T09:31:16","date_gmt":"2023-02-28T17:31:16","guid":{"rendered":"https:\/\/www.backblaze.com\/blog\/?p=108150"},"modified":"2025-12-12T13:58:04","modified_gmt":"2025-12-12T21:58:04","slug":"cisos-guide-to-ransomware","status":"publish","type":"post","link":"https:\/\/www.backblaze.com\/blog\/cisos-guide-to-ransomware\/","title":{"rendered":"CISO&#8217;s Guide to Ransomware"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-108151\" src=\"https:\/\/www.backblaze.com\/blog\/wp-content\/uploads\/2023\/02\/bb-bh-CISOs-Guide-to-Ransomware-e1677533601535.png\" alt=\"\" width=\"1440\" height=\"820\" srcset=\"https:\/\/backblazeprod.wpenginepowered.com\/wp-content\/uploads\/2023\/02\/bb-bh-CISOs-Guide-to-Ransomware-e1677533601535.png 1440w, https:\/\/backblazeprod.wpenginepowered.com\/wp-content\/uploads\/2023\/02\/bb-bh-CISOs-Guide-to-Ransomware-e1677533601535-300x171.png 300w, https:\/\/backblazeprod.wpenginepowered.com\/wp-content\/uploads\/2023\/02\/bb-bh-CISOs-Guide-to-Ransomware-e1677533601535-1024x583.png 1024w, https:\/\/backblazeprod.wpenginepowered.com\/wp-content\/uploads\/2023\/02\/bb-bh-CISOs-Guide-to-Ransomware-e1677533601535-768x437.png 768w, https:\/\/backblazeprod.wpenginepowered.com\/wp-content\/uploads\/2023\/02\/bb-bh-CISOs-Guide-to-Ransomware-e1677533601535-560x319.png 560w\" sizes=\"auto, (max-width: 1440px) 100vw, 1440px\" \/><\/p>\n<p id=\"bzdropcap\">The job of a Chief Information Security Officer (CISO) is never truly done. Just as soon as one threat is neutralized and mitigating controls have been put in place, some industrious cybercriminal finds a new way to make life miserable.<\/p>\n<p>Even those of us working in information technology aren\u2019t immune to these attacks. 
For example, Coinbase recently shared <a href=\"https:\/\/www.coinbase.com\/blog\/social-engineering-a-coinbase-case-study\" target=\"_blank\" rel=\"noopener\">lessons learned from a phishing attempt<\/a> on one of their employees. No customer account information was compromised, but the incident goes to show that \u201canyone can be social engineered.\u201d<\/p>\n<p>Coinbase took the right approach by assuming they\u2019d be attacked and understanding that humans make mistakes, even the most diligent among us. In sharing what they learned, they make the whole community more aware. A rising tide lifts all boats, as they say. In that spirit, I\u2019m sharing some of the lessons I\u2019ve learned over the course of my career as a CISO that might help you be better prepared for the inevitable cyberattack.<\/p>\n<p>Read on for best practices you can follow to mitigate your ransomware risk.<\/p>\n<div class=\"abstract\" style=\"line-height: 1.8; margin: 24px 12px; padding: 24px 12px 10px 12px;\">Take a look at our other posts on ransomware for more information on how businesses can defend themselves against an attack, and more.<\/p>\n<ul>\n<li><a href=\"\/blog\/complete-guide-ransomware\/\" target=\"_blank\" rel=\"noopener\">Ransomware: How to Prevent or Recover From an Attack<\/a><\/li>\n<li><a href=\"\/blog\/ransomware-economy\/\" target=\"_blank\" rel=\"noopener\">Introducing the Ransomware Economy<\/a><\/li>\n<li><a href=\"\/blog\/object-lock-101-protecting-data-from-ransomware\/\" target=\"_blank\" rel=\"noopener\">Object Lock 101: Protecting Data From Ransomware<\/a><\/li>\n<li><a href=\"\/blog\/the-true-cost-of-ransomware\/\" target=\"_blank\" rel=\"noopener\">The True Cost of Ransomware<\/a><\/li>\n<li>2021 Ransomware Takeaways: <a href=\"\/blog\/ransomware-takeaways-2021-to-date\/\" target=\"_blank\" rel=\"noopener\">Q1<\/a>, <a href=\"\/blog\/ransomware-takeaways-q2-2021\/\" target=\"_blank\" rel=\"noopener\">Q2<\/a>, <a 
href=\"\/blog\/ransomware-takeaways-q3-2021\/\" target=\"_blank\" rel=\"noopener\">Q3<\/a>, <a href=\"\/blog\/ransomware-takeaways-from-q4-2021\/\" target=\"_blank\" rel=\"noopener\">Q4<\/a><\/li>\n<li>2022 Ransomware Takeaways: <a href=\"\/blog\/ransomware-takeaways-from-q1-2022\/\" target=\"_blank\" rel=\"noopener\">Q1<\/a>, <a href=\"\/blog\/ransomware-takeaways-from-q2-2022\/\" target=\"_blank\" rel=\"noopener\">Q2<\/a>, <a href=\"\/blog\/ransomware-takeaways-from-q3-2022\/\" target=\"_blank\" rel=\"noopener\">Q3<\/a><\/li>\n<\/ul>\n<\/div>\n<h2>Ransomware Prevention, Detection, Mitigation, and Recovery Best Practices<\/h2>\n<p>The best way to address the threat of ransomware is to reduce the likelihood of a successful attack. 
First, help your employees through training and mitigating controls:<\/p>\n<ul>\n<li><strong>User Training:<\/strong> Making sure end users are savvy enough to spot a malicious email will ensure that you get fewer well-intentioned folks clicking on links. Things like phishing simulations can train users not to click on suspicious links or download unexpected attachments. While training is the first line of defense, you can\u2019t rely on it alone. Even gold standard security training companies have been hit with successful phishing attacks.<\/li>\n<li><strong>Endpoint Detection and Response:<\/strong> An endpoint detection and response (EDR) tool can provide additional guardrails. Backblaze leverages EDR to help block and quarantine malicious payloads as they attempt to execute on the workstation.<\/li>\n<li><strong>Multifactor Authentication:<\/strong> Password strength can be weak, and people often reuse passwords across websites, so another essential component is multifactor authentication (MFA). If you click on a phishing link, or a cybercriminal gains privileged access to your system through some other means, they may be able to retrieve your account password from memory using readily available tools like Mimikatz on Windows or dscl on a Mac. MFA, in the form of a logical or physical token, provides an additional authentication credential that is random and changes after a brief period of time.<\/li>\n<li><strong>Limiting Applications:<\/strong> Only allowing authorized applications to be installed by users, either through operating system configuration or third-party software, can help limit what employees can download. 
Be sure that people aren\u2019t permitted to install applications that may open up additional vulnerabilities.<\/li>\n<\/ul>\n<p>In addition to helping end users avoid falling for phishing, there are some best practices you can implement on your systems, network, and backend to reduce vulnerabilities as well.<\/p>\n<ul>\n<li><strong>Implement a Strong Vulnerability Management Program:<\/strong> A robust program can help you reduce your overall risk by being proactive in identifying and remediating your vulnerabilities.<\/li>\n<li><strong>Conduct Static Analysis Security Tests:<\/strong> These focus on looking for vulnerabilities in source code.<\/li>\n<li><strong>Perform Dynamic Application Security Tests:<\/strong> These look for vulnerabilities in running applications.<\/li>\n<li><strong>Execute Software Composition Analysis Security Tests:<\/strong> These can focus on enumerating and identifying vulnerabilities in versions of the third-party libraries and frameworks leveraged by your application.<\/li>\n<li><strong>Engage Third Parties to Conduct Penetration Testing:<\/strong> Third parties can discover weaknesses in your systems that your own team may miss.<\/li>\n<li><strong>Implement a Bug Bounty Program:<\/strong> Security researchers are incentivized to find security vulnerabilities in your application through bug bounty program rewards.<\/li>\n<li><strong>Stay on Top of Your Patching Cadence:<\/strong> Test and deploy system and application updates as soon as possible, but also have a rollback strategy in the event of a bad patch.<\/li>\n<li><strong>Implement Least Privilege: <\/strong>Users and programs\/processes should only have the privileges they need to accomplish their tasks.<\/li>\n<li><strong>Use Standard User Accounts for Non-Admin Tasks:<\/strong> Admins can fall for the same types of phishing attacks as any other user. 
Using a regular non-admin account to read email, browse the web, etc., can help protect the admin from drive-by downloads, phishing, ransomware, and other forms of attack.<\/li>\n<li><strong>Segment Your Network:<\/strong> Implement physical separation, virtual local area networks (VLAN), and\/or microsegmentation to limit what a server or device is able to communicate with.<\/li>\n<\/ul>\n<p>Finally, stay up to date on guidance from sources such as the <a href=\"https:\/\/www.whitehouse.gov\/wp-content\/uploads\/2021\/06\/Memo-What-We-Urge-You-To-Do-To-Protect-Against-The-Threat-of-Ransomware.pdf\" target=\"_blank\" rel=\"noopener\">White House<\/a>, the <a href=\"https:\/\/www.nist.gov\/itl\/smallbusinesscyber\/guidance-topic\/ransomware\" target=\"_blank\" rel=\"noopener\">National Institute of Standards and Technology (NIST)<\/a>, the <a href=\"https:\/\/www.fbi.gov\/how-we-can-help-you\/safety-resources\/scams-and-safety\/common-scams-and-crimes\/ransomware\" target=\"_blank\" rel=\"noopener\">Federal Bureau of Investigation (FBI)<\/a>, and the <a href=\"https:\/\/www.cisa.gov\/stopransomware\/ransomware-guide\" target=\"_blank\" rel=\"noopener\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a>. The FBI and CISA also issued holiday and weekend ransomware <a href=\"https:\/\/www.cisa.gov\/news-events\/cybersecurity-advisories\/aa21-243a\" target=\"_blank\" rel=\"noopener\">advisories<\/a> after a pattern of increased attacks was observed during those periods.<\/p>\n<h2>Responding If an Attack Slips Through<\/h2>\n<p>Realistically, attacks may slip through, and smart CISOs work from that assumption (an assume-breach mindset).<\/p>\n<h3>Limiting the Blast Radius<\/h3>\n<p>As I mentioned during a 2021 <a href=\"https:\/\/www.spiceworks.com\/spiceworld\/\" target=\"_blank\" rel=\"noopener\">SpiceWorld<\/a> presentation, limiting the blast radius is key. 
When you&#8217;re experiencing a ransomware attack, you also want to isolate the infected system before the ransomware can attempt to access and encrypt other files on network shares. Once it has been isolated, you can investigate whether or not the ransomware has spread to other systems, collect digital forensics, wipe the system, reimage the system, restore the data from backup, and block the command and control IP addresses while monitoring the network to see if other systems attempt to communicate with those IP addresses.<\/p>\n<h3>Restoring Your Data<\/h3>\n<p>Once you have identified and remediated the root cause of the compromise, you can restore the data from backup after making sure that the backup doesn&#8217;t contain the malware you just cleaned up.<\/p>\n<p>Of course, you can only restore from backup if you&#8217;ve planned ahead. If you haven\u2019t, you now have a difficult choice.<\/p>\n<h3>Should I Pay?<\/h3>\n<p>That really depends on what you have done to prepare for a ransomware attack. If you have backups that are disconnected, there&#8217;s a high likelihood you will be able to successfully recover to a known good state. It&#8217;s in everybody&#8217;s best interest not to pay the ransom, because it continues to fuel this type of criminal activity, and there&#8217;s no guarantee that any decrypter or key that a cybercriminal gives you is going to unlock your files. Ransomware, like any other code, can contain bugs, which may add to the recovery challenges.<\/p>\n<p>There is, of course, cyber insurance, but you should know that organizations that have been hit are likely to pay higher premiums or have a more difficult time securing cyber insurance that covers ransomware.<\/p>\n<h3>Planning for a Fast Recovery<\/h3>\n<p>It is important to have a robust recovery plan, and to practice executing the plan. 
Some elements of a strong recovery plan include:<\/p>\n<ul>\n<li><strong>Train and Test Your Team:<\/strong> Regularly test your plan and train those with incident response and recovery responsibilities on what to do if and when an incident occurs. Tensions are high when an incident occurs, and regular testing and training builds muscle memory and increases familiarity so your team knows exactly what to do.<\/li>\n<li><strong>Plan, Implement, and Test Your Backups:<\/strong> Ensure that you have immutable backups that cannot be compromised during an attack. Test your restore process frequently to ensure backups are working properly. Focus on your data first and foremost, but also on your system images and configurations. Have a solid change management process that includes updating the system images and configuration files\/scripts.<\/li>\n<li><strong>Know Who to Call:<\/strong> Maintain a list of internal and external contacts, so you know who to contact within your organization.<\/li>\n<li><strong>Establish Relationships With Law Enforcement:<\/strong> Building relationships with your local FBI field office and local law enforcement before an attack goes a long way toward being able to take the steps required to recover quickly from a ransomware attack while also collecting legally defensible evidence. Sharing indicators of compromise with the FBI or other partner law enforcement agencies may help with attribution and (later) prosecution efforts.<\/li>\n<\/ul>\n<h2>Don\u2019t Be a Soft Target<\/h2>\n<p><a href=\"\/blog\/ransomware-takeaways-q4-2022\/\" target=\"_blank\" rel=\"noopener\">Ransomware<\/a> continues to cause problems for companies large and small. It\u2019s not going away anytime soon. Cybercriminals are also targeting backups and Windows Shadow Volumes as part of their attacks. 
As a backup provider, of course, we have some thoughts on tools that can help, including:<\/p>\n<p><a href=\"\/blog\/object-lock-101-protecting-data-from-ransomware\/\" target=\"_blank\" rel=\"noopener\">Object Lock:<\/a> Object Lock provides the immutability you need to know your backups are protected from ransomware. With Object Lock, no one can modify or delete your data, including cybercriminals and even the person who set the lock.<\/p>\n<p><a href=\"\/blog\/disaster-recovery-with-a-single-command\/\" target=\"_blank\" rel=\"noopener\">Instant Recovery in Any Cloud:<\/a> Integrated with Veeam, this solution gives you your data back with a single command.<\/p>\n<p>The reality is that attacks happen all the time, but you can take steps to prepare, prevent, respond to, and then recover from them in a way that doesn\u2019t take your business down for weeks or months.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Even those of us working information technology aren&#8217;t immune to ransomware attacks. Here are some ransomware best practices from Mark Potter, Backblaze Chief Information Security Officer (CISO). <\/p>\n","protected":false},"author":170,"featured_media":108151,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[7,434,475],"tags":[468],"class_list":["post-108150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-storage","category-featured-1","category-ransomware","tag-b2cloud","entry"],"acf":[]}