Reg. Ransomware. In addition to Security Essentials what other steps do I need to take to protect using Splunk. How do I search for traces of damaging Ransomware. Any useful use cases or guidance ?