OK. So what can we do to minimise the effect of ransomeware if it ever hits.

We have sites with say 5tb of file data, incremental nightly changes are backed up via Rsync and a monthly full copy is made. Is there much else that I can do...

Just accept if we get hit go back to the last full monthly backup and all the incremental data backups since?
Is the only way to be safe to do this and if we had unlimited space keep more full weekly backups if we have the time to do them?