What happens after you discover ransomware? You have to talk to the attackers. And that conversation can make or break your entire response.
In this episode, Wade Gettle, a professional ransomware negotiator, pulls back the curtain on the high-stakes world of threat actor negotiations. Wade is the person who gets the call at 2 AM when organizations are facing their worst moment, and he's handled negotiations across every scenario imaginable.
You'll learn:
- What actually happens in the first 72 hours of a ransomware incident
- The psychological tactics threat actors use to manufacture urgency and pressure
- Why those 24-hour deadlines aren't real—and how to buy yourself time
- How threat actors research your financials, insurance policies, and supply chain before making contact
- When data validation saves companies from paying ransoms for data that isn't even theirs
- The real cost of ransomware (spoiler: it's 10x the ransom amount)
- Why paying doesn't guarantee your data back—or that you won't get hit again
- Third-party breaches: the biggest risk vector right now
Key takeaway: Ransomware negotiations are psychological warfare disguised as business transactions. The best defense is being more prepared than the attackers expect you to be.
Resources mentioned in this episode:
About the guest: Wade Gettle is a Senior Advisor at Flashpoint and serves as a Cyber Mission Planner for the New York Army National Guard. With a background in intelligence analysis, incident response, and threat intelligence, Wade brings calm to the storm when organizations face their most critical security incidents.
Contact, Courses, and More:
For feedback, reviews, guest pitches, or to get in contact with me for any other reason, head to blueprintpodcast.live!
Check out John's SOC Training Courses for SOC Analysts and Leaders:
Follow and Connect with John: LinkedIn
