Formalized Service Offering Includes Expert Assessment, Negotiation and Mitigation for Ransomware and Data Exfiltration Attacks
GroupSense, a threat intelligence company, today announced its Ransomware Negotiation Services offering – a comprehensive package of services for assessing and responding to ransomware attacks, including negotiations with threat actors. This unique service offering includes expert negotiators who have extensive experience resolving ransomware attacks, including arranging the destruction of exfiltrated data to reduce the damage caused by dual ransomware/data theft attacks. It also provides comprehensive services for evaluating and confirming attacks and conducting post-attack remediation activities, including executive support at board meetings, legal counsel, interfacing with insurance companies, public relations messaging and execution, and communications with key stakeholders, including investors, employees and customers.
“Enterprises need to take a more sophisticated approach to ransomware – most victims wind up suffering far more damage than is necessary, whether by overpaying threat actors, incurring brand damage and compliance violations from online data dumps or spending extended periods of time with no access to their critical data,” said Kurtis Minder, co-founder and CEO of GroupSense. “Many companies turn to their cybersecurity partners for help, but very few of those organizations have experienced ransomware negotiators and strategists who know the history of various threat actors and can effectively negotiate with them. Fewer still can provide comprehensive plans for mitigating the potential business damage caused by these attacks, which can include losing data, compliance violations, sabotaging customer relationships, and degrading corporate reputation.”
Minder said GroupSense has been performing these services for clients for years. Now, GroupSense has packaged a formal turnkey offering that includes the following services:
- Threat evaluation – Ransomware attacks need to be assessed for legitimacy. It is also important to identify the threat actor and develop a negotiation and mitigation strategy based on the threat actor’s history.
- Threat actor engagement – Threat actors may seem like faceless criminals – but they are human beings who can be constructively engaged so ransomware victims can verify the claims of the threat actor and build the needed trust and rapport for a positive outcome.
- Ransomware negotiation – Novices are always at a disadvantage in negotiations with experienced professionals, and since most companies do not have access to experienced ransomware negotiators, threat actors usually have a decided advantage. GroupSense levels the playing field with experienced negotiators who can effectively reduce ransom demands and manage the cryptocurrency transaction once the negotiation is complete.
- Post-transaction services – There are a number of activities that need to happen post-transaction to reduce the potential damage of the attack, including monitoring the threat actor to prevent a repeat attack, obtaining access to any stolen data and communicating with all necessary parties about the attack, including insurance companies.