The multiple challenges posed by cyberattacks, which have wreaked havoc on organizations in every industry sector, must be met by a carefully planned interdisciplinary response approach. In a recent Practising Law Institute presentation, cybersecurity experts from Hunton, Brunswick Group and Stroz Friedberg walked through a hypothetical ransomware attack and discuss best practices for an appropriate incident response plan in the moments, hours and days that follow. The first article in this two-part series covered discovery of the breach through day four of the investigation, and this second part addresses day five through the post-mortem. While the company was fictitious, the incident discussed was inspired by real-life events and actual business impact and threat-actor activities. See “Ransomware and Sanctions in the Time of War” (Jun. 22, 2022).