CISO’s plan: Make assessment of the company’s risks as well as the credibility of the threat. Recommend contact with appropriate law enforcement officials for tactical advice and (hopefully) assistance. If top management declines to involve external LEOs, expect to be tasked to assemble a “red team” to search for and eliminate the vulnerabilities that make the threat credible. Warm up disaster and business continuity plans, perhaps increase backups in frequency or type. Consider Sarbanes-Oxley implications of every decision.”]
Source: https://www.csoonline.com/article/2118069/an-online-extortion-crisis-response-plan.html