Q1 of 2016 saw a 3,500% boom in the number of ransomware domains created—and now IT pros everywhere are in a showdown with ransomware, hoping their users don’t accidentally make the first move.

To prevent a ransomware attack, tech experts and information security leaders should do the following:

• Keep clear inventories of all your digital assets and their locations so cybercriminals do not attack a system you are unaware of.
• Keep all software up to date, including operating systems and applications.
• Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked.
• Back up all information to a secure offsite location.
• Segment your network: Don’t place all data on one file share accessed by everyone in the company.
• Train staff on cybersecurity practices, emphasizing that they should not open attachments or links from unknown sources.
• Develop a communication strategy to inform employees if a virus reaches the company network.
• Before an attack happens, work with your board to determine whether your company will plan to pay a ransom or launch an investigation.
• Perform a threat analysis in communication with vendors to go over cybersecurity throughout the lifecycle of a particular device or application.
• Instruct information security teams to perform penetration testing to find any vulnerabilities.