It's easy to be glib and just tell people to back their stuff up, but with the increasing sophistication of these programs, quick restores may not fully address the problem. Some of the slow-encrypting variants that make a mess of your files *over time* defy the "we'll just restore from yesterday's backup" answer. If the crook is patient and careful enough to stay under the radar for some period of time, good luck figuring out your good restore points - and for what files. It's not that it can't be done, but it's going to be one hell of a research project to get your files back - assuming your backups go back far enough.
Don't underestimate the ability of these guys to make a huge mess of your tidy little IT environment. If you don't have canary files hanging around with really solid alerting, and good endpoint detection tools (and NO, AV doesn't qualify) then you'd better pray you don't get targeted by a patient adversary.
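A sketch of the per-file restore-point research described above, as an added example that is not part of the original comment: it walks dated backup snapshots and reports, for each file, the newest copy that still looks unencrypted. The snapshot layout, file names, dates, the 7.5 bits/byte threshold and the `fake_ciphertext` stand-in are all constructed assumptions.

```python
import hashlib
import math
from collections import Counter

# Formats that are legitimately high-entropy: check the file header instead.
MAGIC = {".pdf": b"%PDF-", ".png": b"\x89PNG"}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0..8)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_intact(path: str, data: bytes, threshold: float = 7.5) -> bool:
    """Heuristic: header must match for known formats, else entropy must be low."""
    for ext, magic in MAGIC.items():
        if path.endswith(ext):
            return data.startswith(magic)
    return entropy(data) < threshold

def last_good_snapshots(snapshots: dict) -> dict:
    """Map each path to the newest snapshot date whose copy looks intact (or None)."""
    result = {}
    for date in sorted(snapshots):  # ISO dates sort chronologically
        for path, data in snapshots[date].items():
            result.setdefault(path, None)
            if looks_intact(path, data):
                result[path] = date
    return result

def fake_ciphertext(seed: bytes, size: int = 4096) -> bytes:
    """Constructed stand-in for encrypted content: deterministic high-entropy bytes."""
    return b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                    for i in range(size // 32))

# Constructed sample: a slow encryptor hits report.pdf first, ledger.csv a day later.
TEXT = b"date,account,amount\n" + b"2024-01-05,ops,1200.00\n" * 150
PDF = b"%PDF-1.7\n" + fake_ciphertext(b"pdf-body")
SNAPSHOTS = {
    "2024-03-01": {"ledger.csv": TEXT, "report.pdf": PDF},
    "2024-03-02": {"ledger.csv": TEXT, "report.pdf": fake_ciphertext(b"a")},
    "2024-03-03": {"ledger.csv": fake_ciphertext(b"b"), "report.pdf": fake_ciphertext(b"c")},
}

if __name__ == "__main__":
    for path, date in last_good_snapshots(SNAPSHOTS).items():
        print(f"{path}: restore from {date or 'no clean copy in retention'}")
```

The result is a different restore date per file, and a file that was already encrypted in the oldest retained snapshot comes back as `None`, which is the "assuming your backups go back far enough" case.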