Ransomware negotiator Retainer? Do you currently hold a retainer with a ransomware negotiator consulting firm? If so any recommendations?

Peer InsightsSecurity Strategy & Roadmap
124 viewscircle icon2 Comments
Sort by:
Director of Information Securitya day ago

Insurance companies will not pay a claim for ransomware. Instead of paying the attackers, you would be better off investing in recovery of your systems. You will be attacked, you will be compromised, you must minimize the damage to your organization using the Defense in Depth and Zero Trust frameworks. Isolate as much as possible with internal network segments. Ensure the attackers are unable to transit the internal network freely. Then focus on recovery. Clean backups, data organization, prioritization of systems, and practice!!!!!!

Director of Information Security2 days ago

Sygnia helped me with that issue once. https://www.sygnia.co/

Content you might like

Are you attending the SANS Pen Test HackFest Summit and Training?

Yes33%

No, but my team/colleague(s) are37%

No28%

Other (tell us in the comments!)

View Results

The software industry needs to create a better model of vulnerability management.

Strongly agree5%

Agree68%

Neutral13%

Disagree9%

Strongly disagree2%

Unsure (explain in the comments)

View Results

We are seeing an uptick in SOC 2 reports being issued by individual CPA's instead of CPA firms. While the CPA is certified, the firm / GRC tool that completed the work is not, but the CPA has signed the opinion. We are looking to see if other companies are accepting these reports as valid.

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group.  Before we start we should conduct a risk assessment -  my question is: can you recommend a tool or template?

Read More Comments