Responding to Ransomware Attack [Case Study] | Interview with Yannick Hirt | EP29

Описание: Dejan Kosutic interviews Yannick Hirt from ODCUS about his experience with a real ransomware attack on an international industrial company. They discuss likely phishing entry via a privileged IT account, overnight encryption, and setting up a war room. The company restored critical systems from verified cloud backups without paying, while briefly negotiating via a Dutch specialist as the attacker threatened data release. Key lessons include tested backups, detection and provider SLAs, privileged access controls, BIA/process mapping, strong documentation and forensics, communications, insurance coordination, and regular training.

LINKS FROM THE VIDEO
► Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/page-Conformio-fo...
► White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
► Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
► Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Trai...
► Beginner's Course for ISO, Cybersecurity, and AI Consultants    • Beginner's Course for ISO, Cybersecurity, ...  
► How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course https://advisera.co/GrowYourConsultan...

PREFER LISTENING?
Check the Secure & Simple podcast on these platforms:
Apple Podcasts https://podcasts.apple.com/us/podcast...
Spotify https://open.spotify.com/show/58Jg0CP...

KEEP UP TO DATE
Subscribe to my YouTube channel:    / @dejankosutic  
Follow me on LinkedIn:   / dejankosutic  
Follow me on Twitter:   / dejan_kosutic  
My blog: https://advisera.com/author/dejankosu...

ABOUT ME
I'm Dejan Kosutic, CEO at Advisera - my field of expertise is ISO 27001, NIS2, and DORA compliance, as well as cybersecurity management.

00:00 Meet the Host & Guest: Real-World Ransomware Lessons
01:07 How the Attack Started: Cloud Transformation, Gaps, and a Phishing Entry Point
04:19 Day Zero Response: Disconnecting Systems and Standing Up the War Room
08:07 Early Critical Decisions: Recovery Streams, Stakeholders, Police & Insurance
09:21 Restore vs Rebuild: Mapping Critical Apps and Validating Backups
11:24 Talking to the Attackers: “Service Desk” Negotiations and Typical Ransom Size
14:22 To Pay or Not to Pay: Strategy, Data-Leak Risk, and Criminal “Reliability”
16:24 Recovery Timeline & Aftermath: Dark Web Leak, Employee Calls, and Government Response
21:33 Who Decides the Recovery Order? IT + Business Alignment
23:31 PR in the War Room: Internal Updates, Guidelines & External Liaison
25:19 Senior Management’s Real Job During Recovery (People, Logistics, Support)
27:51 Working With Cyber Insurance: Support Now, Paperwork Later
30:49 Forensic Report Deep Dive: Entry Point, Lateral Movement, and Tradeoffs
32:38 Consultants in a Ransomware Crisis: Networks, Pragmatism, and Calm
41:43 Resources for Consultants and Cybersecurity Professionals

#podcast #ransomwareattack #casestudy #cybersecurity #governance #strategy #consultancy #securityofficer #ciso