Excellent scenario of a ruthless cyber attack, painted eloquently by the BBC and describing the play by play action of a very real response by a business that's been put in such a position. 

What should the team have done?

  • prepared a data breach plan with step-by-step actions to              take
  • regularly circulated and updated the plan so senior staff                were familiar with it
  • notified third-parties and suppliers
  • gathered evidence for the ICO to show how it has handled            the issue
  • called its cyber-insurance provider for advice and help
  • refused to pay the ransom - there's no guarantee they'd get          their data back.