Varautuminen ja palautuminen kiristyshaittaohjelmahyökkäyksestä organisaation näkökulmasta

This thesis explores the organizational strategies for preparing for and recovering from ransomware attacks. Ransomware incidents have become increasingly prevalent, posing significant threats that can result in severe financial losses and business disruptions. The primary objective of this research is to provide practical solutions and recommendations that organizations can adopt to develop robust recovery plans and ensure business continuity in the event of such attacks. The thesis examines the capacity of organizations to both prepare for and recover from ransomware incidents. Key research questions include: What specific threats do organizations face from ransomware? How can organizations effectively prepare for and recover from ransomware attacks, particularly from a business continuity perspective? What are the ransomware threats an organization faces? The study also investigates various backup and recovery methods, evaluating their effectiveness in mitigating the impact of ransomware. The literature review presents an analysis of ransomware operations, attack vectors, and the development of comprehensive recovery plans. The findings indicate that organizations must invest in both advanced technical solutions and staff training to effectively protect against and recover from ransomware incidents. The thesis concludes with a set of practical recommendations designed to enhance organizational preparedness and resilience against ransomware. Additionally, the recommendations aim to foster broader awareness of information security best practices within organizations.