What's th best way to guard against Ransomware?

When it comes to the "your data is encrypted" ransomware attacks, try this: make your backups and test them regularly. There is no excuse for data loss to affect anything prior to the current business day. Whatever happened to disaster recovery/ business continuity plans? 20 years ago I used to design them for a handful of Fortune 100 companies. Now it seems nobody cares.

I've always wondered why the more static part of web pages and resources don't typically get stored on a RO file system. It's easy enough to remount -o,rw to make changes for updates. It doesn't stop all the attacks, but it stops a whole lot of them.

This doesn't solve the stolen data type ransomware, but most companies seem to not even try to be the least bit resilient. The risks have been the same for decades. Why act surprised now?