Given your Microsoft 365 subscription that integrates with Active Directory Domain Services (AD DS), you face a scenario where ransomware has encrypted data within this subscription. Your objective is to outline the recovery process. Ensure that the recovery strategy aligns with Microsoft Security Best Practices. What should be the first step in your recovery plan?