You have seen the headlines of how companies were damaged by ransomware. Ransomware depends on encryption; there is a public key and a private key. Unless you have the private key, you cannot easily recover your data. Every time you hear someone say that they went to a site like nomoreransom.org and got their data back, it was because an organization could get the private key and put it there. You cannot always depend on that situation.
You can take steps to avoid ransomware, including making sure you look carefully at links emails, teach your users to recognize dubious emails, stay up-to-date with software updates, and not directly access port 3389 (external desktop) to show on the internet.
If all that fails and you become a victim of ransomware, there is a guaranteed way to restore it: having a good backup. It is the best way to recover from a ransomware attack. Recently, Maersk's company recovered from a devastating ransomware attack, but not with a backup. They had none. Amazingly, they were able to restore their domain using a single domain controller that was not connected to the Internet at the time of the ransomware infection. Maersk was lucky.
The backup strategy of Maersk was trust in synchronization. Companies often donate no backup of domain controllers, but simply place another one online and synchronize it in the network. The "backup" in their eyes is another instance of Active Directory at a different location. They never expect their entire domain to be infected in such a way that they need a backup.
As we move from traditional domain controllers and local computers to cloud services and situations where system data is synchronized, you take the time to see how you back up and change your solutions accordingly.