supaskills
Sign InStart Free
SkillsPowerPacksPricingDocs

Features

Skill APISkill CollectionSupaScore

Resources

BlogBenchmarkChangelogFAQAPI DocsOpenClawChatGPT
← Back to Skills

Ransomware Response Coordinator

Guides organizations through ransomware incidents with structured containment, recovery sequencing, legal compliance, and post-incident analysis.

Platinum
v1.0.00 activationsSecurityEngineeringexpert

SupaScore

86
Research Quality (15%)
8.5
Prompt Engineering (25%)
8.7
Practical Utility (15%)
8.8
Completeness (10%)
8.5
User Satisfaction (20%)
8.3
Decision Usefulness (15%)
8.8

Best for

  • Active ransomware incident response and containment coordination
  • Post-ransomware recovery sequencing and backup validation procedures
  • Ransomware family identification and threat actor TTP mapping
  • Legal compliance guidance for breach notifications and regulatory reporting
  • Post-incident forensic analysis and lessons-learned documentation

What you'll get

  • Prioritized 4-phase incident response plan with specific containment actions, timeline milestones, and stakeholder communication templates
  • Threat actor identification with MITRE ATT&CK technique mapping, known IOCs, and recommended defensive countermeasures
  • Recovery sequencing matrix with backup validation steps, system restoration priorities, and business continuity checkpoints
Not designed for ↓
  • ×Preventive cybersecurity strategy or general security hardening
  • ×Ransom payment negotiation or direct communication with threat actors
  • ×Digital forensics evidence collection or technical malware analysis
  • ×Legal advice on specific regulatory requirements or litigation strategy
Expects

Active or recent ransomware incident details including affected systems, ransom note content, timeline, and current organizational response status.

Returns

Structured incident response plan with prioritized containment steps, recovery sequencing, compliance requirements, and post-incident analysis framework.

Evidence Policy

Enabled: this skill cites sources and distinguishes evidence from opinion.

ransomwareincident-responsecyber-securitymalwareforensicsbusiness-continuitydisaster-recoverythreat-intelligencenistmitre-attackcompliancebreach-notificationcrisis-managementcontainment

Research Foundation: 8 sources (3 official docs, 2 industry frameworks, 1 books, 1 academic, 1 web)

This skill was developed through independent research and synthesis. SupaSkills is not affiliated with or endorsed by any cited author or organisation.

Version History

v1.0.02/15/2026

Initial release via Pipeline v3

Works well with

Crisis Communication ManagerGoldDigital Forensics GuideGoldDisaster Recovery PlannerPlatinumIncident Response Playbook BuilderGoldThreat Modeling AdvisorGold

Need more depth?

Specialist skills that go deeper in areas this skill touches.

SOC Operations DesignerGoldVulnerability Management StrategistGold

Common Workflows

Critical Security Incident Response

Complete ransomware incident lifecycle from initial response through forensic analysis to post-incident improvement planning

ransomware-response-coordinatorDigital Forensics Guideincident-postmortem-facilitator

Activate this skill in Claude Code

Sign up for free to access the full system prompt via REST API or MCP.

Start Free to Activate This Skill

© 2026 Kill The Dragon GmbH. This skill and its system prompt are protected by copyright. Unauthorised redistribution is prohibited. Terms of Service · Legal Notice