In part two of our Cybersecurity installment of our Workplace Strategies Watercooler 2025 podcast series, Ben Perry (shareholder, Nashville) and Justin Tarka (partner, London) discuss the steps to take after resolving and containing a ransomware incident. Justin and Ben, who is co-chair of the firm’s Cybersecurity and Privacy Practice Group, highlight several key areas, including preparing the response team, implementing training for relevant employees and regular reviews of cybersecurity measures; developing a comprehensive incident response plan and assembling a dedicated response team; identifying opportunities for long-term infrastructure improvements; and assessing other areas of external risk management, such as data mapping and retention processes, vendor due diligence, and notification obligations.