According to online-security giant Symantec, over $4 billion in ransom money was paid to hackers in 2013.
If you decide to negotiate, how do you improve the decision-making dynamics?
One of the major mistakes that enterprises and IT managers make is to assume that negotiation with a hacker is similar to bargaining with an angry business partner or a disappointed customer.
The operational consequence of this uncertainty is that the hacker should be treated with professional respect, because the information he has will always be more accurate, relevant and meaningful than the information the negotiator holds.
Coordinate: Make sure the negotiation is synchronised among the entire crisis team: security personnel – intelligence, forensic and investigators – legal advisors, public-relations experts, your insurers and so on.
The longer negotiation lasts, the more the risk increases.