How to Negotiate with Ransomware Groups

Are you concerned about the recent ransomware attacks? Listen to this episode to learn how to negotiate with ransomware groups. 

In this episode, I am joined by cyber security experts, Richard Cassidy and Oliver Rochford, to share their experiences and knowledge to help you understand the impact of ransomware and how best to respond to ransomware groups if you find yourself in that situation.  

In this episode, we covered the following topics: 

  • How ransomware became both a technological and economic problem 
  • The rise of ransomware in relation to cryptocurrency 
  • Examples of a ransomware attacks 
  • What to look out for to protect your company from ransomware 
  • The measures to take when dealing with a ransomware attack 
  • How the government can further improve the authorities’ response to ransomware attacks 
  • The preferred skill sets to successfully mitigate the impact of a ransomware attack 
  • Having the right people to negotiate with ransomware groups 

Oliver argues that ransomware is not just a technological issue but also a human and economic problem. Richard concurs, noting that having a team with the technical skills to confront ransomware groups is not enough and that it also requires a different type of training and capability. 

This highlights the need to look at ransomware from different angles and to invest in developing skill sets to tackle the problem from all sides. With the right combination of technological, human, and economic skills, the fight against ransomware can be successful. 

Listen to this episode on your favourite podcasting platform. 

If you are a new listener to the Razorwire, we would love to hear from you. For more information about us or if you have any questions you would like us to discuss on the podcast email 


Richard Cassidy 

Richard Cassidy has been consulting to businesses on cyber security strategies and programs for more than two decades, working across highly regulated industries including finance, insurance, retail, manufacturing, government and military. During his career Richard has been heavily engaged in the design and implementation of infrastructure & cyber security solutions, helping organisations in evolving security, compliance, risk management, data assurance, automation, orchestration & breach response practices.  

Richard’s security operations experience includes managing Computer Emergency Response Teams (CERT), breach response teams, threat intelligence and hunting teams, as well as educating the industry on how data and assets are targeted by cyber-criminal groups, which in return supports effective security practices and mitigation strategies. Richard has led major breach investigations across CNI (Critical National Infrastructure), Finance, Military and Educational institutions over the past decade, with specific expertise in financial fraud investigations on SWIFT payment networks and OT Manufacturing environments, helping align technical investigation processes to business risk analysis to better serve breach response plans. 

Combining hands-on experience with the technologies and services that have evolved over the past two decades, with a detailed perspective on end-user security risks, Richard focuses on delivering thought leadership tracks that help decision-makers define practical security, compliance, and data assurance strategies. He is well versed in showing organisations how to better navigate a highly complex and automated threat landscape, in tandem with achieving (and maintaining) regulatory, compliance and data assurance mandates that business leaders face in today’s technology landscape.  

Richard is an active industry contributor, regularly delivering speaker sessions at events including SANS, BlackHat, IP Expo, InfoSec, FSISAC, and security seminars EMEA-wide, not to mention many article publications in the arena of cybersecurity, compliance, industrial control, and emerging technology matters.  

Oliver Rochford 

Oliver Rochford has worked in cyber security as a penetration tester, consultant, researcher, and industry analyst for over 20 years. He has been interviewed, cited, and quoted by media, think tanks, and academia, he has written for Securityweek, CSO Online, and Dark Reading. While working at Gartner, he co-named the Security Orchestration, Automation and Response (SOAR) market, worked on the SIEM Magic Quadrant, and also covered the European MSSP Market. Prior to joining Securonix, Oliver worked for Qualys, Verizon, Gartner,  Tenable, and Securonix. Oliver is Chief Furitist at Tenzir, where he works on product strategy and marketing.  

Connect with Your host James Rees 

Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult. 

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights. 

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers 

Listen to this episode on your favourite podcasting platform and for more information about us or if you have any questions you would like us to discuss on the podcast email 

If you need consultation, visit, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion. 

Linkedin: Razorthorn Security 

Youtube: Razorthorn Security 

Twitter:  @RazorThornLTD 


All rights reserved. © Razorthorn Security LTD 2023

Follow Us