Estimated reading time: 4 minutes
How Negotiations Actually Start
You’ve seen the movies. Cue the tense phone call and ticking clock. Think cinematic standoffs and hard choices. Samuel L. Jackson once played a master negotiator. This episode of the Cyber Insurance News & Information Podcast brings you the real deal from the digital domain. Host and Executive Editor Martin Hinton interviews Kurtis Minder, a veteran ransomware negotiator and author of Cyber Recon: My Life in Cyber Espionage and Ransomware Negotiation. The conversation breaks down tactics, risks, and decisions. The episode offers a clear playbook for cyber resilience and leaders facing ransomware today.
Get The Episode Here:
Read the Room, Control the Pace
People make high-stress choices under pressure. Facts blur. Leaders must align messaging and support teams. Can you “hear” tone through a chat portal and flip it to your advantage? Negotiators set cadence early. Precision buys time and options.
Tactics That Shift Outcomes
Start with discovery. Map impact, timelines, and evidence. Demand file proofs and key checks. What proof should you insist on before discussing a single dollar? Challenge pricing with specifics. Tie every concession to verifiable actions. Document everything.
What Makes Modern Ransomware Hard
Attacks mix encryption and data theft. Double extortion multiplies pressure even with backups. If backups work, why do criminals still have leverage? Adversaries research victims before anchoring demands. Patterns repeat, but every case is unique.
Insurance Changes the Playbook
Cyber insurance influences speed and vendors. Policies require prompt notice and panel partners. Which clause quietly dictates your first three phone calls? Read retentions, extortion terms, and conditions. Align your runbook to policy language. Practice the workflow before an event.
Cyber Resilience and Reducing Risk
Use layered defenses. Enforce MFA and least privilege. Segment networks and monitor endpoints. Patch fast. Which single control most often lowers the final demand? Validate and isolate backups. Test restores on a schedule.
Plan, Name Owners, Rehearse
Write a ransomware-specific runbook. Assign decision owners and deputies. Prewrite internal and external statements. Define legal, PR, and law-enforcement paths. Do your executives make the right call under a two-hour deadline? Tabletop with clocks and consequences.
Get The Cyber Insurance Upload Delivered
Subscribe to our newsletter!
Preserve Evidence, Don’t Make It Worse
Do not reboot infected hosts. Isolate with care. Capture volatile data and preserve logs. Maintain a clean room for analysis. What evidence disappears if you power-cycle a key server? Track chain of custody.
Money, Policy, and the Road Ahead
Demands range from five to eight figures. Attackers anchor to public revenue and urgency. What “objective constraint” moves price more than emotion ever will? Skilled negotiation narrows gaps. Some push bans on ransom payments; others warn of worse outcomes. Minder stresses prevention and recovery investment. Government guidance helps raise the floor.
Shared Duty
Cybersecurity requires collective action. Cyber Resilience is a team sport. Organizations must maintain hygiene and clear processes. Vendors should ship secure defaults. Users must report suspicious activity. Want shorter disruptions and lower costs? Start before the breach.
Watch the episode with Kurtis Minder for the answers and update your runbook today.
Available here:
Transcript – This has been checked for accuracy, but confirm any element; trust, but verify.
Related Posts
