Recently Kurtis Minder, GroupSense CEO, was a guest on Outpost Gray’s podcast. Kurtis did a Q&A with Jax, Outpost Gray founder and Cybersecurity Manager from Grant Thornton. They talked about ransomware prevention and negotiations.
Ransomware has been making headlines over the past few years and it sadly isn’t going away anytime soon – especially with the Russian/Ukraine Conflict. A couple of weeks ago, President Biden issued a statement about potential increased cyberattacks as a result of the Russian/Ukraine conflict. In the statement, he says that “This is a critical moment to accelerate our work to improve domestic cybersecurity and bolster our national resilience. I have previously warned about the potential that Russia could conduct malicious cyber activity against the United States, including as a response to the unprecedented economic costs we’ve imposed on Russia alongside our allies and partners. It’s part of Russia’s playbook.”
President Biden goes on to say that “If you have not already done so, I urge our private sector partners to harden your cyber defenses immediately by implementing the best practices we have developed together over the last year. You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely. We need everyone to do their part to meet one of the defining threats of our time — your vigilance and urgency today can prevent or mitigate attacks tomorrow.”
Jax and Kurtis talk about the executive order that The White House released last year about Zero Trust and how it impacts federal agencies and organizations. “Zero Trust is a philosophy and not a product,” says Kurtis Minder. “From a philosophy perspective it makes total sense. Limiting access to sensitive items and controlling that tightly is important. Making that a core philosophy for the access control environment will ultimately pay back in risk mitigation if there is a threat. I would also say that technology is moving quickly and bad guys are moving almost as quick. So, one of the things that I’ve noticed in the work that I’ve been doing, especially around ransomware, is that a lot of the plan that we have and developed are still dated. The incident response plans, and business continuity plans are already outdated. They are not prepared for a lot of the ransomware scenarios and companies haven’t quite caught up to that. It is definitely a gap.” During the conversation with Jax, Kurtis goes on to discuss how organizations need to protect themselves.
The conversation pivoted to GroupSense’s ransomware negotiation work. Jax asked Kurtis the question “Sometimes you pay the ransom. They may give you an encryption key, and they still spill your information on the dark web. Have you experienced that?” Kurtis responded “Not to my knowledge. But we have seen evidence that they (threat actors / ransomware groups) have taken the data that they have said that they ‘deleted’ and they have used it / drafted off the data to execute other attacks. Either on other victims or the same victim that they had attacked with ransomware. However, this time they will use the same data to execute a business email compromise attack. So yes, they honor their agreement to give you your files but don’t assume that they aren’t going to weaponize that data in some way against you or your partners.”
Watch the recorded podcast here (or embedded video below) to hear more from Kurtis and Jax.
GroupSense’s team of experienced negotiators developed cybersecurity tips to help reduce your risk.
Download to get all of GroupSense's tips to better protect your organization.
Kurtis Minder is the CEO and co-founder of GroupSense, a leading provider in Digital Risk solutions. Kurtis built a robust cyber reconnaissance operation protecting some of the largest enterprises and government organizations.
Kurtis has been the lead negotiator at GroupSense for ransomware response cases. He has successfully navigated and negotiated some of the largest ransomware, breach, and data extortion cases world-wide.
With over 20 years in the information security industry, Kurtis brings a unique blend of technical, sales and executive acumen.
Cyberwarfare is never going away, and defending ourselves is imperative. Outpost Gray provides weekly cybersecurity, technology, and innovation education on YouTube. Our guests are industry leaders who discuss current threats, emerging technology, and cyber law to help you prepare yourself in this ever-changing threatscape.
Weekly episodes drop every Thursday. Subscribe to their YouTube page at @outpostgray to stay in the cyber know. Visit https://www.youtube.com/c/OutpostGray