Tenured security and risk leaders are no strangers to emergencies, but few of those emergencies snowball to crisis levels the way ransomware can. Ransomware cripples operations, tests resilience, and threatens critical infrastructure. Ransomware-as-a-service business models, cryptocurrencies, state-permitted operations, and obvious but tricky-to-implement security hygiene all add to the current ransomware crisis. This report calls out the need for a ransomware preparedness exercise with your board of directors, identifies mistakes to avoid during one, provides three best practices, and guides leaders through requesting and preparing for the session.