The Cyber5 Podcast

Ransomware Negotiations and Risk Management with Crypsis Group VP Art Ehuan

Episode 22 of the podcast covers ransomware negotiations, threat intelligence, and the role risk management plays into corporate enterprise following ransomware events with Crypsis Group Vice President Art Ehuan.


  • (01:22) Question 1: What are the defendable conclusions that companies can use with legal counsel that avoid disclosures after ransomware events? Secondly, what’s some details behind the uptick in public release requests?
  • (04:55) Question 2: Describe the details behind ransomware negotiations.
  • (07:03) Question 3: Describe how threat intelligence and investigations outside the firewall can assist your team in incident response investigations.
  • (07:56) Question 4: Ransomware occurs from attacker’s ability to move laterally in an environment to meet the collection objectives. After the breach, how do these scenarios play out from a corporate governance perspective?
  • (12:30) Question 5: How can threat intelligence and risk management programs help prioritize these efforts to avoid future breaches?

Episode 22 | September 3, 2020

Adversary Research
Discovering the methods, motives and identity of threat actors to disrupt attacks 
Reputation Defense
Technical guidance for countering disinformation and slanderous attacks 
Trust & Safety
Intelligence to secure business operations and defend against fraud, abuse and e-crime 
TPRM Exposure
Adversary-centric intelligence to address supplier, M&A and investment risks 
Outside Intel
Research for defending outside the firewall that leverages tier 3 intelligence programs 
Executive Shield
Assessment of threats to key personnel with attribution and PII takedown  
Adversary Insights℠ Retainer
Annual retainers for client-driven inquiries and rapid-response research 
Intelligence Team as a Service
Collaborative engagement providing robust intelligence and tier 3 cyber analysts  
Event-Driven Intel Investigations
Multidimensional security fact-finding that delivers insights into adversary behavior 
On Demand Threat Research
Proactive and preventative investigations that reveal threat actor context and risk correlations 
Investment Zero Touch Diligence℠
Project-based discovery to assess risk for investments, IPO, Mergers and Acquisitions 
TPRM Zero Touch Diligence℠
Subscription assessment of external network hygiene, key personnel, and non-traditional business risks