Behind the scenes of ransomware negotiation | Guest Tony Cook

Tony Cook of GuidePoint Security knows a lot about threat intelligence and incident response. But he’s also used these skills while working in ransomware negotiation! Cook has handled negotiations for all the big threat groups — REvil, Lockbit, Darkside, Conti and more — and he told me about what a ransomware negotiator can realistically accomplish, which threat groups are on the rise, and why negotiating with amateurs is sometimes worse and harder than dealing with elite cybercriminals.  – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Ransomware negotiating 2:42 - How Tony Cook got into cybersecurity4:00 - Cook's work at GuidePoint 9:31 - Life as a ransomware negotiator 11:41 - Ransomware negotiation in 202213:52 - Stages of a successful ransomware negotiation 15:23 - How does ransomware negotiation work?19:11 - The difference between threat-acting groups20:43 - Bad ransomware negotiating22:43 - Ransomware negotiator support staff25:21 - Ransomware research26:26 - Is cyber insurance worth it? 29:14 - How do I become a ransomware negotiator? 32:25 - Soft skills for a ransomware negotiator33:46 - Threat research and intelligence work37:45 - Learn more about Cook and GuidePoint38:17 - OutroAbout InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It’s our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.