Sign up to save your podcasts
Or
Share The 2 AM Call: A Ransomware Negotiator's Playbook with Wade Gettle
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The 2 AM Call: A Ransomware Negotiator's Playbook with Wade Gettle
What happens after you discover ransomware? You have to talk to the attackers. And that conversation can make or break your entire response.
In this episode, Wade Gettle, a professional ransomware negotiator, pulls back the curtain on the high-stakes world of threat actor negotiations. Wade is the person who gets the call at 2 AM when organizations are facing their worst moment, and he's handled negotiations across every scenario imaginable.
You'll learn:
- What actually happens in the first 72 hours of a ransomware incident
- The psychological tactics threat actors use to manufacture urgency and pressure
- Why those 24-hour deadlines aren't real—and how to buy yourself time
- How threat actors research your financials, insurance policies, and supply chain before making contact
- When data validation saves companies from paying ransoms for data that isn't even theirs
- The real cost of ransomware (spoiler: it's 10x the ransom amount)
- Why paying doesn't guarantee your data back—or that you won't get hit again
- Third-party breaches: the biggest risk vector right now
Key takeaway: Ransomware negotiations are psychological warfare disguised as business transactions. The best defense is being more prepared than the attackers expect you to be.
Resources mentioned in this episode:
- ransomware.live (ransomware group tracking, info, conversations and more)
- ransomlook.io (ransomware group tracking and statistics)
- ChatGPT Ransomware Negotiation Simulator: https://chatgpt.com/g/g-679a6253574c8191a998145044b9c651-ransomsim-ransomware-negotiation-trainer
- Wade Gettle on LinkedIn: https://www.linkedin.com/in/wade-gettle-7733704a/
About the guest: Wade Gettle is a Senior Advisor at Flashpoint and serves as a Cyber Mission Planner for the New York Army National Guard. With a background in intelligence analysis, incident response, and threat intelligence, Wade brings calm to the storm when organizations face their most critical security incidents.
Contact, Courses, and More:
For feedback, reviews, guest pitches, or to get in contact with me for any other reason, head to blueprintpodcast.live!
Check out John's SOC Training Courses for SOC Analysts and Leaders:
- SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations
- LDR551: Building and Leader Security Operations Centers
Follow and Connect with John: LinkedIn
View all episodes
By SANS Institute
4.9
131131 ratings
What happens after you discover ransomware? You have to talk to the attackers. And that conversation can make or break your entire response.
In this episode, Wade Gettle, a professional ransomware negotiator, pulls back the curtain on the high-stakes world of threat actor negotiations. Wade is the person who gets the call at 2 AM when organizations are facing their worst moment, and he's handled negotiations across every scenario imaginable.
You'll learn:
- What actually happens in the first 72 hours of a ransomware incident
- The psychological tactics threat actors use to manufacture urgency and pressure
- Why those 24-hour deadlines aren't real—and how to buy yourself time
- How threat actors research your financials, insurance policies, and supply chain before making contact
- When data validation saves companies from paying ransoms for data that isn't even theirs
- The real cost of ransomware (spoiler: it's 10x the ransom amount)
- Why paying doesn't guarantee your data back—or that you won't get hit again
- Third-party breaches: the biggest risk vector right now
Key takeaway: Ransomware negotiations are psychological warfare disguised as business transactions. The best defense is being more prepared than the attackers expect you to be.
Resources mentioned in this episode:
- ransomware.live (ransomware group tracking, info, conversations and more)
- ransomlook.io (ransomware group tracking and statistics)
- ChatGPT Ransomware Negotiation Simulator: https://chatgpt.com/g/g-679a6253574c8191a998145044b9c651-ransomsim-ransomware-negotiation-trainer
- Wade Gettle on LinkedIn: https://www.linkedin.com/in/wade-gettle-7733704a/
About the guest: Wade Gettle is a Senior Advisor at Flashpoint and serves as a Cyber Mission Planner for the New York Army National Guard. With a background in intelligence analysis, incident response, and threat intelligence, Wade brings calm to the storm when organizations face their most critical security incidents.
Contact, Courses, and More:
For feedback, reviews, guest pitches, or to get in contact with me for any other reason, head to blueprintpodcast.live!
Check out John's SOC Training Courses for SOC Analysts and Leaders:
- SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations
- LDR551: Building and Leader Security Operations Centers
Follow and Connect with John: LinkedIn
More shows like Blueprint: Build the Best in Cyber Defense
View all
Security Now (Audio)
2,009 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
The Daily
113,323 Listeners
Darknet Diaries
8,090 Listeners
Cybersecurity Headlines
139 Listeners