A Validated Framework for Ransomware Resilience: Mitigation, Recovery, and Empirical Evaluation
DOI:
https://doi.org/10.56919/usci.2652.022Keywords:
ransomware resilience, mitigation strategies, recovery framework, best practices, contemporary cyber threat landscape, cybersecurity framework, emerging technologiesAbstract
Background: Ransomware has emerged as one of the most disruptive threats in the contemporary cyber threat landscape, with attacks increasing by more than 70 percent between 2020 and 2024. Despite growing cybersecurity investments, organizations continue to treat mitigation, recovery, and best practices as isolated activities rather than integrated components of a unified resilience posture, a structural gap that amplifies vulnerability to sophisticated attack models, including Ransomware-as-a-Service (RaaS) and double extortion techniques. Objective: This study develops and empirically evaluates a Ransomware Resilience Framework (RRF) that integrates mitigation strategies, recovery processes, and organizational best practices into a single, continuous adaptive model tailored to the contemporary threat environment. Methods: A design science research approach was employed, combining systematic literature synthesis, structured case study analysis of documented ransomware incidents across enterprise environments, and simulation-based validation. The simulation modeled phishing-initiated attack scenarios in a representative, medium-sized organization with moderate cybersecurity maturity. Framework performance was evaluated across four metrics: threat detection time, incident response time, data loss severity, and system recovery time, comparing pre-implementation and post-implementation conditions across all three framework pillars. Results: Adoption of the layered mitigation pillar was associated with up to a 60 percent reduction in successful ransomware breaches. Early detection mechanisms reduced the average time to threat identification by approximately 45 percent. Structured recovery systems achieved up to 70 percent faster restoration, with data loss reduced by more than 50 percent. Artificial intelligence-assisted detection improved identification accuracy by approximately 50 percent, contingent on adequate personnel training and data quality. Organizations implementing the full framework, including the best-practices governance layer, recorded significantly lower operational downtime than those applying only technical controls. Conclusion: Ransomware resilience requires a holistic, continuously improving, and people-centric approach. The RRF provides scalable, empirically grounded guidance for organizations across varying resource capacities and technical maturity levels, demonstrating that integrated frameworks consistently outperform fragmented, siloed cybersecurity approaches.
References
Arora, A. (2025). Protecting your business against ransomware: A comprehensive cybersecurity approach and framework. Available at SSRN 5268155. DOI: https://doi.org/10.2139/ssrn.5268155
Batool, T. (2024). Mapping the cyber threat landscape: Vulnerability assessment and defense strategies for modern enterprises.
Center for Internet Security. (2024). CIS controls v8.1. Center for Internet Security. https://www.cisecurity.org/controls
Chae, Y. (2025). Navigating the cyber threat landscape: Challenges and solutions. In Digital Leadership (pp. 128–147). Productivity Press. DOI: https://doi.org/10.4324/9781003602293-8
Ciuchi, C. (2024, November). Operationalizing the cyber threat landscape: Key considerations and challenges in developing a specific organisational program. In Proceedings of the International Conference on Cybersecurity and Cybercrime-2024 (pp. 61–68). Asociatia Romana pentru Asigurarea Securitatii Informatiei. DOI: https://doi.org/10.19107/CYBERCON.2024.08
Cybersecurity and Infrastructure Security Agency. (2025). Cybersecurity threat landscape report. United States Department of Homeland Security.
Danjuma, U. M., Usman, K. D., Alam, A. J., & Abdullahi, M. (2023). Enhancing Security of 5G-Enabled IoT Systems through Advanced Authentication Mechanisms: A Multifaceted Approach. UMYU Scientifica, 2(4), 201–211. DOI: https://doi.org/10.56919/usci.2324.025
Davis, F. D. (1989). Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Quarterly, 13(3), 319–340. DOI: https://doi.org/10.2307/249008
Dimas, N., & Ayu Kartika, D. (2024). The critical role of disaster recovery in mitigating ransomware and advanced persistent threats. American Journal of Technology Advancement, 1(8), 91–97.
Dine, F. (2024). Cyber threat analysis and the development of proactive security strategies for risk mitigation.
El-Amir, S. (2023). Comprehensive cybersecurity review: Modern threats and innovative defense approaches. International Journal of Computers and Informatics (Zagazig University), 1, 30–37.
European Union Agency for Cybersecurity. (2024). ENISA threat landscape 2024. Publications Office of the European Union.
Evren, R., & Milson, S. (2024). The cyber threat landscape: Understanding and mitigating risks. EasyChair.
Farooq, J., & Zhu, Q. (2025). Cyber resilience in next-generation networks: Threat landscape, theoretical foundations, and design paradigms. arXiv preprint arXiv:2512.22721.
Federal Bureau of Investigation. (2025). Internet crime report 2024. Federal Bureau of Investigation.
Gounaris, A. (2021). Scalable and Robust Machine Learning Architectures for Cyber Threat Intelligence. Journal of Cybersecurity and Data Analysis, 14(3), 112-128.
Holling, C. S. (1973). Resilience and stability of ecological systems. Annual Review of Ecology and Systematics, 4, 1–23. DOI: https://doi.org/10.1146/annurev.es.04.110173.000245
International Organization for Standardization. (2022). ISO/IEC 27001:2022: Information security, cybersecurity and privacy protection: Information security management systems: Requirements. ISO.
Jabid, T., Rashid, M. R. A., Ferdaus, M. H., Ali, M. S., Islam, M. M., Hasan, M., & Islam, M. (2024). Ransomware prevention strategies: Building robust cyber defenses. In Ransomware Evolution (pp. 144–171). CRC Press. DOI: https://doi.org/10.1201/9781003469506-11
Jørgensen, B. N., & Ma, Z. G. (2026). Cybersecurity and resilience of smart grids: A review of threat landscape, incidents, and emerging solutions. Applied Sciences, 16(2), 981. DOI: https://doi.org/10.3390/app16020981
Kalinaki, K. (2024). Ransomware threat mitigation strategies for protecting critical infrastructure assets. In Ransomware Evolution (pp. 120–143). CRC Press. DOI: https://doi.org/10.1201/9781003469506-10
Kanaan, A., Ahmad, A. L., Aloun, M., Alorfi, A., & Alrawashdeh, M. A. (2025). Fortifying organisational cyber resilience: An integrated framework for business continuity and growth amidst an escalating threat landscape. International Journal of Computing, 17(1), 1–14. DOI: https://doi.org/10.12785/ijcds/1571023809
Karim, N. (2024). Comprehensive analysis of ransomware evolution and countermeasures in the era of digital transformation. International Journal of Advanced Cybersecurity Systems, Technologies, and Applications, 8(12), 20–30.
Kaur, G. M., Soni, R., & Kumar, A. (2022). Next-Generation AI-Driven Ransomware Detection: Trends, Taxonomy, and Their Limitations. International Conference on Cyber Security and Computer Networks (CSCN), 45-52.
Lalar, S., & Thakur, P. (2025, August). Enhancing resilience in an evolving threat landscape. In Cyber Security and Digital Forensics: Select Proceedings of the 2nd International Conference, ReDCySec 2024 (p. 173). Springer Nature.
Łazarski, M. (2026). Ransomware threats and defensive strategies: Insights from literature and practice. DOI: https://doi.org/10.5171/2026.387036
Mubin, F. A. (2025). The future of ransomware: How emerging technologies could change the threat landscape.
National Information Technology Development Agency. (2025). Nigeria cybersecurity outlook 2025. Federal Ministry of Communications, Innovation and Digital Economy.
National Institute of Standards and Technology. (2024). The NIST cybersecurity framework 2.0. U.S. Department of Commerce.
Oluwagbenga, E. M., Kolajo, T., & Babatunde, J. A. (2024). Development and Evaluation of a Hybrid Machine Learning-Based Intrusion Detection System Using NSL-KDD Dataset. UMYU Scientifica, 3(3), 277–283. DOI: https://doi.org/10.56919/2433.030
Prakesh, V., Khare, S., Talwandi, N. S., Surender, Lalar, S., & Thakur, P. (2024, May). Strategic framework for cybersecurity risk management: Enhancing resilience in an evolving threat landscape. In International Conference on Recent Developments in Cyber Security (pp. 173–183). Springer Nature Singapore. DOI: https://doi.org/10.1007/978-981-96-3284-8_13
Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change. Journal of Psychology, 91(1), 93–114. DOI: https://doi.org/10.1080/00223980.1975.9915803
Verma, P., Newe, T., O'Mahony, G. D., Brennan, D., & O'Shea, D. (2025). Toward a unified understanding of cyber resilience: Concepts, strategies, and future directions. IEEE Access, 13, 49945–49965. DOI: https://doi.org/10.1109/ACCESS.2025.3551887
Yeboah-Ofori, A., & Opoku-Boateng, F. A. (2023). Mitigating cybercrimes in an evolving organisational landscape. Continuity & Resilience Review, 5(1), 53–78. DOI: https://doi.org/10.1108/CRR-09-2022-0017
Downloads
Published
Issue
Section
License
Copyright (c) 2026 Olanrewaju Toyyib Tajudeen, Sikirullah Olose Abdussomad, Saka Kayode Kamil, Said Omotosho Abdulsalam (Author)
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
UMYU Scientifica recognizes the importance of protecting authors’ intellectual property while promoting the free exchange of scientific knowledge. The journal adopts a copyright-retention model that empowers authors to maintain ownership of their work while granting the journal rights necessary for publication and dissemination.
1. Copyright Ownership
Authors publishing with UMYU Scientifica retain full copyright and publishing rights to their work. By submitting a manuscript, authors agree to grant the journal a non-exclusive license to publish, reproduce, distribute, and archive the article in all forms and media for the purpose of scholarly communication.
2. Licensing Terms
All articles are published under the Creative Commons Attribution–NonCommercial (CC BY-NC) license.
This license permits others to:
- Share - copy and redistribute the material in any medium or format.
- Adapt - remix, transform, and build upon the material.
- For non-commercial purposes only, provided that proper credit is given to the original author(s) and UMYU Scientifica as the source, a link to the license is provided, and any modifications are clearly indicated.
Commercial reuse or distribution of the content requires written permission from both the author and the editorial office.
3. Author Rights
Authors are free to:
- Deposit all versions of their manuscript (preprint, accepted version, and published version) in institutional, disciplinary, or public repositories without embargo.
- Use and distribute their published article for non-commercial scholarly purposes, including teaching, conference presentations, and research sharing.
- Include their work in future books, theses, or compilations, provided proper citation to the journal is made.
4. Publisher’s Rights
Upon publication, UMYU Scientifica retains the right to:
- Host, index, and disseminate the article through the journal’s website and partner databases.
- Archive the content in long-term preservation systems such as the PKP Preservation Network (PKP-PN) and the Umaru Musa Yar’adua University Institutional Repository.
5. Attribution and Citation
Users must give appropriate credit to the author(s), include a link to the article’s DOI or the journal webpage, and indicate if changes were made. Proper citation is required whenever the work is reused or referenced.
6. License Reference
For detailed terms of use, please refer to the Creative Commons Attribution–NonCommercial 4.0 International License (CC BY-NC 4.0):
https://creativecommons.org/licenses/by-nc/4.0/
