Effective ransomware response: A 5-step plan