Ransomware negotiator Retainer? Do you currently hold a retainer with a ransomware negotiator consulting firm? If so any recommendations?

Peer Insights Security Strategy & Roadmap

212 views1 Upvote3 Comments

Sort by:

AI Governance Strategist in Travel and Hospitality4 days ago

Yes — and structure matters more than the name.
Best Practice: Recovery by design, negotiation by exception.

For insurer-aligned retainers:
• Coalition for enterprise (built-in negotiator panel + in-house IR)
• At-Bay for mid-market (prescriptive OFAC/legal workflows)
• Corvus for SMB (integrated prevention + response)

Coverage sanity check: Always confirm panel status, compliance, and pre-auth during renewal — not during a breach.

Note: Sygnia remains top-tier as a hands-on response and negotiation firm — often embedded within these insurers’ panels rather than used standalone.

Coalition, At-Bay, and Corvus orchestrate; Sygnia executes. Alignment ensures coverage and speed when it matters.

Director of Information Security6 days ago

Insurance companies will not pay a claim for ransomware. Instead of paying the attackers, you would be better off investing in recovery of your systems. You will be attacked, you will be compromised, you must minimize the damage to your organization using the Defense in Depth and Zero Trust frameworks. Isolate as much as possible with internal network segments. Ensure the attackers are unable to transit the internal network freely. Then focus on recovery. Clean backups, data organization, prioritization of systems, and practice!!!!!!

Director of Information Security6 days ago

Sygnia helped me with that issue once. https://www.sygnia.co/

Content you might like

What course(s) are you most looking forward to at the SANS Pen Test HackFest Summit and Training 2022?

Hacker Tools, Techniques, and Incident Handling26%

Cloud Penetration Testing50%

Enterprise Penetration Testing45%

Advanced Penetration Testing, Exploit Writing, and Ethical Hacking39%

Web App Penetration Testing and Ethical Hacking27%

Automating Information Security with Python20%

Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses15%

Mobile Device Security and Ethical Hacking13%

Advanced Exploit Development for Penetration Testers14%

Cyber Deception - Attack Detection, Disruption and Active Defense7%

View Results

We are seeing an uptick in SOC 2 reports being issued by individual CPA's instead of CPA firms. While the CPA is certified, the firm / GRC tool that completed the work is not, but the CPA has signed the opinion. We are looking to see if other companies are accepting these reports as valid.

How many hours on average does your team spend on compliance and reporting each week?

Less than 5 hours32%

5-10 hours41%

11-15 hours17%

16-20 hours6%

21-25 hours1%

More than 25 hours2%

View Results

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group. Before we start we should conduct a risk assessment - my question is: can you recommend a tool or template?