Resilience and Recovery Against Ransomware in Corporate Networks
Authors/Creators
- 1. Instituto Superior Politécnico Gaya
Description
Ransomware remains one of the most disruptive and financially damaging cyber threats affecting corporate environments, with attack sophistication rising notably between 2020 and 2025. Contemporary enterprises face a dual challenge: preventing operational paralysis and ensuring forensic readiness to support post-incident investigation and recovery. This article examines resilience and recovery mechanisms against ransomware within corporate networks, integrating digital forensic principles, cyber-resilience frameworks, incident response guidance, and empirical threat intelligence. It synthesizes insights from ENISA threat landscape reports, NIST cybersecurity and recovery guidelines, Zero Trust data security models, immutable storage research, and large-scale industry surveys. The analysis identifies structural weaknesses commonly exploited by ransomware operators, such as identity misconfigurations, insufficient backup testing, and gaps in data lifecycle governance. Furthermore, the article evaluates modern countermeasures including Zero Trust architectures, immutable backup strategies, automated recovery orchestration, cloud-centric resilience models, and forensic-led detection approaches. The goal is to provide an evidence-based, multi-layered blueprint that enhances organisational preparedness, minimises downtime, strengthens post-incident reconstruction, and supports legal and regulatory compliance following a ransomware event.
Files
Resilience_Recovery_Ransomware_Corporate_Networks.pdf
Files
(1.6 MB)
| Name | Size | Download all |
|---|---|---|
|
md5:9b9656c2de3a60a275338051ffd8c07f
|
1.6 MB | Preview Download |
Additional details
Dates
- Submitted
-
2026-01-21
References
- Unitrends. (2025). The State of Backup and Recovery Report 2025: Navigating the Future of Data Protection. Kaseya. Retrieved from https://www.unitrends.com/media/downloads/resources/The-State-of-Backup-and-RecoveryReport-2025.pdf
- Sophos. (2025). The State of Ransomware 2025. Sophos Ltd. Retrieved from https://assets.sophos.com/X24WTUEQ/at/94r5p9k59w9759497/sophos-state-of-ransomware2025-wp.pdf
- RNT Rausch. (2023). Immutable Storage: The Last Line of Defense [Whitepaper]. RNT Rausch GmbH. Retrieved from https://rnt.de/wp-content/uploads/2024/03/Whitpaper_ImmutablStorage_A4_EN.pdf
- Federal Chief Data Officers Council & Federal Chief Information Security Officers Council. (2025). Federal Zero Trust Data Security Guide (Revised May 2025). U.S. Government. Retrieved from https://resources.data.gov/assets/documents/Zero-TrustDataSecurityGuide_RevisedMay2025_CIO.govVersion.pdf
- Microsoft. (2024). Microsoft Digital Defense Report 2024. Microsoft. https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report2024
- ThreatDown. (2025). 2025 State of Ransomware. Malwarebytes. https://www.threatdown.com/threat-center/reports/
- Institute for Security and Technology (IST). (2022). Blueprint for Ransomware Defense. Ransomware Task Force. https://securityandtechnology.org/wp-content/uploads/2022/08/ISTBlueprint-for-Ransomware-Defense.pdf
- ESET. (2025). Navigating Ransomware in 2025: Key Insights and Prevention Strategies. ESET. https://www.eset.com/us/business/resource-center/white-papers/navigating-ransomware-in-2025- key-insights-and-prevention-strategies/
- Lai, A. C. T., Ke, P. F., & Ho, A. (2025). Ransomware IR Model: Proactive Threat Intelligence-Based Incident Response Strategy. arXiv preprint. https://doi.org/10.48550/arXiv.2502.01221
- Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero Trust Architecture (NIST Special Publication 800-207). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207
- Barker, W. C., Fisher, W., Scarfone, K., & Souppaya, M. (2022). Ransomware Risk Management: A Cybersecurity Framework Profile (NIST Interagency Report 8374). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.IR.8374
- Ilau, M.-C., Baldwin, A., Caulfield, T., & Pym, D. (2025). Modelling and simulating organizational ransomware recovery: Structure, methodology, and decisions. Journal of Cybersecurity, 11(1), tyaf035. https://doi.org/10.1093/cybsec/tyaf035
- Morette, N. M. (2024). Framework de Autoavaliação para Maturidade em Defesa contra Ransomware [Ensaio Acadêmico]. Escola Superior de Guerra (ESG), Rio de Janeiro.
- Veeam. (2024). Cloud Protection Trends Report 2024. Veeam Software & Hivelocity. https://www.veeam.com/cloud-protection-trends-report-2024
- G7 Cyber Expert Group. (2022). G7 Fundamental Elements of Ransomware Resilience for the Financial Sector. G7. https://www.ecb.europa.eu/paym/pol/shared/pdf/October_2022-G7- Fundamental-elements-of-ransomware-resilience-for-the-financial-sector.en.pdf
- ENISA. (2025). ENISA Threat Landscape 2025. European Union Agency for Cybersecurity. https://www.enisa.europa.eu/publications/enisa-threat-landscape-2025
- ENISA. (2024). ENISA Threat Landscape 2024. European Union Agency for Cybersecurity. https://doi.org/10.2824/0710888
- ENISA. (2024). Best Practices for Cyber Crisis Management. European Union Agency for Cybersecurity. https://doi.org/10.2824/767828
- Nelson, A., Rekhi, S., Souppaya, M., & Scarfone, K. (2025). Incident Response Recommendations and Considerations for Cybersecurity Risk Management (NIST Special Publication 800-61r3, Draft). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-61r3
- Bartock, M., et al. (2016). Guide for Cybersecurity Event Recovery (NIST Special Publication 800-184). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800- 184
- Cohesity. (2024). Counter Ransomware Attacks with Cohesity. Cohesity Solution Brief. https://www.cohesity.com/solutions/security/ransomware-recovery/
- Veeam. (2024). 2024 Ransomware Trends Report. Veeam Data Platform. https://www.veeam.com/ransomware-trends-report-2024
- Hornetsecurity. (2024). Cyber Security Report 2024. Hornetsecurity Security Lab. https://www.hornetsecurity.com/en/knowledge-base/cyber-security-report-2024/
- ENISA. (2024). ENISA Sectorial Threat Landscape: Public Administration. European Union Agency for Cybersecurity. https://doi.org/10.2824/4606183
- AL-Hawamleh, A. (2024). Cyber Resilience Framework: Strengthening Defenses and Enhancing Continuity in Business Security. International Journal of Computing and Digital Systems, 15(1), 1315-1331. http://dx.doi.org/10.12785/ijcds/150193
- Perin, L. (2025). Cloud Ransomware Defense and Data Recovery. International Journal of Advances in Engineering and Management (IJAEM), 7(8), 877-894. https://doi.org/10.35629/5252-0708877894
- Oz, H., Aris, A., Levi, A., & Uluagac, A. S. (2022). A Survey on Ransomware: Evolution, Taxonomy, and Defense Solutions. ACM Computing Surveys. https://doi.org/10.1145/3514229