Ask The Experts: When Ransomware Strikes, Who Takes The Lead -- The CIO Or CISO
InformationWeek, December 10,2025
What are the first three steps a CIO and CISO should take after a ransomware attack to minimize operational downtime?
Your company has just been hit with a ransomware attack. Who's going to run point? The CIO, CISO or both? The answer depends on whether you have both. If you do, they can work in parallel to minimize the impact of the attack while enabling business continuity.
It's also important for organizations to be prepared for a ransomware attack, which is why CISOs run tabletop exercises. A playbook may be available that outlines the necessary steps and assigns responsibilities.