Table 10. Ransomware propagation... | Emerald Publishing

Table 10.

Ransomware propagation scenario

Domain	Sub-metric	$s_{i}$	$w_{i}$	$s_{i} w_{i}$
Procedural alignment	Escalation path followed	4	4	16
	IRP referenced during incident	4	4	16
	Deviations justified	3	3	9
Operational execution	Containment-action timing	4	5	20
	Task coverage	4	5	20
	Execution accuracy	4	5	20
Infrastructure integration	Tool-usage effectiveness	3	4	12
	Tool alignment to IRP	3	3	9
	Inter-tool visibility	3	3	9
Coordination and comms	Role clarity	4	4	16
	Decision flow	4	5	20
	Communication logging	3	4	12
Post-incident follow-through	Root-cause analysis	3	3	9
	Lessons learned	2	3	6
	IRP updated post-simulation	2	2	4
Totals			Σ $w_{i}$ = 57	Σ $s_{i} w_{i}$ = 198

Domain	Sub-metric	$s_{i}$	$w_{i}$	$s_{i} w_{i}$
Procedural alignment	Escalation path followed	4	4	16
	IRP referenced during incident	4	4	16
	Deviations justified	3	3	9
Operational execution	Containment-action timing	4	5	20
	Task coverage	4	5	20
	Execution accuracy	4	5	20
Infrastructure integration	Tool-usage effectiveness	3	4	12
	Tool alignment to IRP	3	3	9
	Inter-tool visibility	3	3	9
Coordination and comms	Role clarity	4	4	16
	Decision flow	4	5	20
	Communication logging	3	4	12
Post-incident follow-through	Root-cause analysis	3	3	9
	Lessons learned	2	3	6
	IRP updated post-simulation	2	2	4
Totals			Σ $w_{i}$ = 57	Σ $s_{i} w_{i}$ = 198

Source(s): Authors’ own work