Skip to main content
Taylor Banks, Maxwell Bevilacqua, & Kurtis Minder - How To Negotiate with Ransomware Threat Actors - $2,000 early
Taylor Banks, Maxwell Bevilacqua, & Kurtis Minder - How To Negotiate with Ransomware Threat Actors - $2,000 early

Taylor Banks, Maxwell Bevilacqua, & Kurtis Minder - How To Negotiate with Ransomware Threat Actors - $2,000 early

Trainer bios:

Taylor Banks has dedicated over 27 years to the cybersecurity field, training and mentoring more than 10,000 individuals worldwide since 1999. He has trained and consulted to organizations including Google and Microsoft, as well as the CIA, DOD, FBI, NASA, NOAA, NSA, United Nations, US Marine Corps MARCERT team, and hundreds of organizations and events worldwide. With a Public Trust Security Clearance, Taylor has been deeply involved in crucial global cybersecurity efforts, including ransomware negotiation through his work at GroupSense.

In addition to his expertise in high-stakes negotiations, Taylor is recognized for founding DC404, Atlanta's DEFCON group, has been a five-time speaker at DEFCON, is a member of DEFCON SOC command staff, and has spoken and keynoted at notable security conferences and events including Hacker Halted, LayerOne, NolaCon, Outzerz0ne, Security B-Sides, ShmooCon, and SkyDogCon.

Beyond his professional pursuits, Banks is deeply involved in public service, volunteering as a firefighter, EMT, and with his local SAR team.

Kurtis Minder is the CEO and co-founder of GroupSense, a leading provider of digital risk solutions. Kurtis built a robust cyber reconnaissance operation protecting some of the largest enterprises and government organizations.

Kurtis has been the lead negotiator at GroupSense for ransomware response cases. He has successfully navigated and negotiated some of the largest ransomware, breach, and data extortion cases worldwide.

With over 20 years in the information security industry, Kurtis brings a unique blend of technical, sales, and executive acumen.

Max Bevilacqua, Founder and Chief Negotiating Officer at Mindful Negotiating, brings a wealth of experience from the forefront of negotiation training and consulting. Drawing inspiration from Harvard's Program on Negotiation and the FBI's Crisis Negotiation Unit, Max has enhanced the negotiation capabilities of Fortune 100 executives, business development teams, and US Special Forces. His background includes serving as a Senior Trainer at Vantage Partners and contributing to Harvard Law School's negotiation workshops, alongside teaching roles at Boston University and the Fletcher School of Law and Diplomacy.

Max's work extends beyond academia into impactful community and international projects. A recipient of the Fulbright Scholarship to Central Java and a board member of the conservation non-profit Planet Indonesia, Max's diverse experiences underscore his commitment to negotiation as a tool for positive change.

Holding a Master’s Degree in International Negotiation and Conflict Resolution from The Fletcher School of Law and Diplomacy and a B.A. in Religious Studies from Wesleyan University, Max's academic achievements complement his practical expertise in negotiating leadership.

Trainer social media links:

Full description of the training:
Led by Max Bevilacqua, expert negotiation instructor from the famous Harvard Negotiation Project, Kurtis Minder, renowned expert on ransomware negotiations, and Taylor Banks, 5x DEFCON speaker, DC404 founder, and member of DEFCON’s SOC Command, this bespoke Ransomware Negotiation Training workshop is tailored to equip cybersecurity professionals with essential skills to combat the growing threat of ransomware. With a focus on practical knowledge and real-world scenarios, participants will gain insights into the anatomy of ransomware attacks, negotiation strategies, and the nuances of engaging with threat actors.

In light of the increasing prevalence of ransomware attacks and the critical need for effective negotiation strategies, this workshop addresses the crucial role of negotiation in getting businesses back up and running and reducing permanent data loss after a ransomware attack. Led by industry experts with practical knowledge gained from participating in some of the world’s largest ransomware and extortion negotiations, and drawing on their experiences with the the FBI’s Crisis Negotiation Unit (CNU) and Harvard Law School’s Program on Negotiation (PON), our instructors have developed a negotiation method that’s been proven to garner the best-case outcome for clients again and again.

The workshop will provide a tailored ransomware negotiation strategy, insights into the science of negotiation, and practical exercises to strengthen participants’ skills. Whether attendees are learning these skills for their respective organizations or to improve outcomes for clients, with a custom case simulation tailored to organizational structures, this workshop offers a unique opportunity for attendees to gain essential skills and knowledge to combat the growing threat of ransomware.

Short description of what the student will know how to do, after completing the class:

After completing this class, students will be equipped with the critical skills and knowledge to effectively engage and negotiate with threat actors in the event of a ransomware attack.

They will have a comprehensive understanding of the anatomy of ransomware attacks, the roles involved, and the ransomware ecosystem. Additionally, students will have developed a tailored ransomware negotiation strategy and gained insights into the science of negotiation, enabling them to engage with threat actors confidently and effectively.

Furthermore, they will be able to discern their role in a ransomware negotiation, understand the impact of ransomware negotiation on cybersecurity, and be well-prepared to respond to potential ransomware attacks within their organizations.

Outline of the class:
Day 1: Understanding the Anatomy of Ransomware Attacks and Developing Negotiation Strategies
Session 1: Introduction to Ransomware Negotiation
  • Overview of ransomware attacks and the critical need for effective negotiation strategies
  • Understanding the crucial role of negotiation in getting businesses back up and running and reducing permanent data loss after a ransomware attack
Session 2: Anatomy of Ransomware Attacks
  • In-depth exploration of how ransomware attacks are conducted and critical breach response roles to be orchestrated
  • Insights into the various threat actor groups and their tactics
  • Understanding the contemporary regulatory environment, including OFAC sanctions, cryptocurrency, and its impact on ransomware negotiations
Session 3: Developing a Tailored Ransomware Negotiation Strategy
  • Practical frameworks for analyzing and conducting negotiations in the context of cybercrime, using (modified) transcripts of past ransomware negotiations
  • Core negotiation principles and their application to ransomware negotiations
  • Tailoring negotiation strategies to different threat actor groups and scenarios
Session 4: Immersive Ransomware Negotiation Simulation
  • Dynamic, real-world ransomware attack simulation led by industry experts with extensive experience in ransomware negotiations
  • Participants engage in a tailored, dynamic, and realistic negotiation scenario to apply the knowledge and strategies learned throughout the day
Day 2: Strengthening Negotiation Skills and Building Response Plans
Session 5: Strengthening Negotiation Skills
  • Debriefing and reflection on strengths and weaknesses of the negotiation performance
  • Exercises to strengthen vulnerabilities identified in the previous day’s negotiation simulation
  • Understanding the interplay amongst selected data, interpretation, and conclusions using the Ladder of Inference model
Session 6: Building a Team Response Plan
  • Facilitators will guide participants in developing a comprehensive team breach response plan, based on strengths, weaknesses, and vulnerabilities
  • Participants will understand the multiple negotiation tables at play within the victim organization and piece together the best approach at each table
Session 7: The Science of Negotiation and Dealing with Difficult Tactics
  • Insights into the science of negotiation and its application to real-world ransomware scenarios
  • Reviewing difficult threat actor tactics and practicing responses using the 7 Elements framework
  • Introduction to the 3 Modes of Communication and their application in ransomware negotiations
Session 8: Conclusion and Next Steps
  • Recap of key learnings and takeaways from the workshop
  • Guidance on applying the acquired skills and knowledge to combat the growing threat of ransomware in participants’ respective and client organizations
Technical difficulty of the class (Beginner, Intermediate, Advanced):


Suggested prerequisites for the class:

Completion of a TKI assessment, to be provided by training facilitators
Items students will need to provide:
  • Laptop computer running Windows, Mac or Linux OS with WiFi capabilities
  • Logins for Signal, Telegram, and WhatsApp
  • A ProtonMail account