In his article dated 3/28/2018 in NYT, Nicole Perlroth wrote:"Boeing said on Wednesday that it was hit by a cyberattack that some Boeing executives identified as the same WannaCry computer virus that

In his article dated 3/28/2018 in NYT, Nicole Perlroth wrote:"Boeing said on Wednesday that it was hit by a cyberattack that some Boeing executives identified as the same WannaCry computer virus that struck thousands of computer systems in more than 70 countries around the world last year.In an internal memo, Mike VanderWel, chief engineer of Boeing Commercial Airplane production engineering, said the attack was “metastasizing” and he worried it could spread to Boeing’s production systems and airline software" 

https://www.nytimes.com/2018/03/28/technology/boeing-wannacry-malware.html

In a high level, please briefly discuss the steps you would follow if you have been selected to lead the Information Security team for this ransomware incident. 

I look forward for your active participation

Your participation is worth 2 points of your total grade.

Hints for best practices

Don't just describe good security measures that would be implemented after everything is stable and under control. What would you do first hour, first day, and so on.Think about the big picture and how you would escalate the issue, who are your stakeholders?

Who should be notified first?

Would you form your response team?

What about backup and restore?

Do you need to restore anything?

What about your initial incident report?

Will you be segregating some computers and folders from the network?

Will you call any external agency (like FBI)?

What about end users?You are not just a technical expert. Think about the process from a leadership and management perspectives.