When the Negotiator Is on Both Sides of the Table: Rethinking IR Trust After the BlackCat Sentencings
·1822 words·9 mins
On April 30, 2026, two former incident response professionals were sentenced to four years in federal prison each for conducting BlackCat ransomware attacks against U.S. companies. One had been an IR manager at a well-known IR firm. The other had been a ransomware negotiator at a separate well-known firm. The case forces a question most organizations have never seriously asked: what is the actual control model for the people you call when everything is on fire?