Yuri Kogan has been dealing with crisis management and crisis negotiations since Javascript hit the market. He worked for the Israeli Prime Minister’s Office in security intelligence. (For anybody who watches the news, you know protecting Israel from attacks is no small task.) 

In short, Yuri knows his cyber stuff, and he now heads our Crisis Management Training & Crisis Management Response Teams. In this, the first of two blogs, we share Yuri's experiences with crisis management and thoughts on ransomware. 


From counter-terrorism to critical infrastructure protection

After close to 3 decades in counter-terrorism, Yuri retired. . . to the private sector. 

Instead of talking down terrorists on the phone, he was negotiating with corporate ransomware attackers online. While seemingly not as dangerous as a hijacker, a ransomware attack could prove fatal as we’ve seen in attacks on hospitals. 

Besides the threat to human life, a ransomware attack could mean death for a company if the company does not make being prepared part of its business. 

After all, today it’s not a question of If but rather When? (We all know this but just don’t want to think about it.) Because, in reality, the percentages of cyber attacks are soaring. Last year there were 50% more cyber attacks per week on corporate networks than in 2020. 

Companies that are aware of and plan for a potential ransomware attack are more likely to have a successful outcome. 


Yuri Kogan’s “most important” crisis management incident 

Here are two stories that span the spectrum of Yuri’s value to companies…and to the people behind the companies. 

One small business Yuri helped was a sole proprietorship with 50 employees. The company did not have the money to pay the demanded ransom. It was a limited liability company, but the owner had personally vouched for the business’ assets. The ransomware attack put the owner in an impossible situation in which he was afraid the ransomware attack would lead to him losing his home. So he began preparing to legally divorce his wife so his family would not wind up losing their house. 

“You saved my life, Yuri!” this small business owner said. 

On the other side of the coin is a brand’s reputation, which is gold in the business world. Yuri saved a large European company that was under the threat of having their data published. While it would not have hurt any individual employees personally, it would have devastated the company’s brand name. 

With critical infrastructure, the stakes are even higher, with human lives and companies’ lives on the line, but the principles remain the same. And it all comes down to preparation.  


Cyber preparedness and ROI

While most  executives want to focus on profits and revenues and don't necessarily see the “value” in cyber readiness, companies still have to protect themselves. That’s what insurance is for, right? 

Preparing for the threat of ransomware is a different type of insurance investment. While cyber readiness won’t increase profits, it can quite literally save the company as we saw in the story above. 

When asked how much a company will get back for investing in cybersecurity and preparedness, Yuri responds by asking: How much do you value your company? Is the ROI to continue to exist – or to cease existing? 


2 steps to ransomware readiness

Being aware and prepared increases a company’s chances of a successful outcome. Here are Yuri’s two suggested steps toward becoming ransomware ready: 

  • Pre draft a crisis management plan. 
  • Create a list of trusted professionals who will respond and assist in the event of a crisis.
    * Bookmark this link right now and share it with your CEO and CISO. 

These two steps will prevent panic and wasted time in case of a cyberattack. It’s worth saying again that companies that are aware and plan for a potential ransomware attack are more likely to have a successful outcome.

In a follow-up blog, we will dive into more detail about being prepared and successful outcomes to ransomware attacks. Subscribe so you know when it comes out. In the meantime, take a look at our PR2— CybergymIEC's uniquely comprehensive package that covers everything a company needs to Prepare for, Respond to and Recover from a cyber attack.


Download PR2