Ransomware Attack?
Professional Negotiation instead of Panic.
When every minute counts, you need experienced negotiation partners by your side. We are your independent expert team for ransomware negotiations.
Independent. Experienced. Transparent.
When your company falls victim to a ransomware attack, you face critical decisions: to pay or not to pay? How do I communicate with the attackers? Can I trust the criminals? What are the legal consequences?
We offer independent ransomware negotiations – independent of insurance companies, IT service providers, or other conflicts of interest.
IT Legal Consulting
Specialized lawyer for IT law, data protection, and cybercrime. Knowledge of the legal framework in Austria and the EU.
Forensic Analysis
Certified computer forensics expert and court-certified expert. Verification of whether the attackers actually have your data.
Strategic Negotiation
International experience in negotiation management. Not emotional, but strategic for the best possible outcome.
This combination is unique to us – and it is crucial for your success.
Our Service
Everything from a single source: from initial contact to resolution
Immediate Initial Assessment (0-2 hours)
- Analysis of the ransom demand
- Identification of the attacker group
- Assessment of the acute threat situation
- Development of a negotiation strategy
Legal Protection
- Checking sanction compliance (EU, US, OFAC)
- Assessment of GDPR reporting obligations
- DPA reporting if desired
- Advice on criminal liability risks
- Documentation for insurance and authorities
- Cooperation with public prosecutors
Forensic Analysis
- Verification of the attack (Proof of Life)
- Checking for data exfiltration
- Assessment of the encryption
- Identification of recovery alternatives
Professional Negotiation Management
- Direct communication with the attackers
- Gaining time for management and IT
- Reduction of the ransom demand
- Negotiation of deletion promises
- Ensuring decryption
Secure Processing
- Accompaniment of the cryptocurrency transaction
- Verification of decryption tools
- Coordination with IT incident response teams
- Securing evidence for later prosecution
After the Crisis
- Lessons Learned
- Recommendations for preventive measures
- Documentation for internal and external audits
Why Professional Negotiations?
The first 72 hours are decisive
After a ransomware attack, the clock is ticking. Every decision has far-reaching consequences:
- Negotiate yourself? Without experience, you risk higher demands, data loss, or legal problems.
- Pay immediately? You risk a "double dip" – attackers demand more if you give in too quickly.
- No response? Attackers could publish or resell your data.
Our goal is not automatically payment
We help you make the best decision for your company. Sometimes payment is the most economically sensible path. Sometimes it's not. In any case, we provide you with:
- Time for your IT to check backups
- Clarity about the actual damage
- Reduction of the ransom demand by an average of 30-70%
- Certainty in the legal assessment
Why us?
Your advantages at a glance
Complete Independence
We are not bound to insurance companies, IT service providers, or other third parties. Our only obligation is to you.
Legally Sound
We know the legal pitfalls: from sanction lists to anti-money laundering regulations and GDPR reporting obligations.
Forensically Precise
We recognize whether the attackers actually have your data – or are bluffing.
Strategically Savvy
We don't negotiate emotionally, but strategically. Our goal: minimize the ransom demand and gain time.
24/7 Availability
Ransomware attacks don't stick to office hours. We are available for you around the clock.
International Experience
We work with international partners and can conduct negotiations in multiple languages.
Our Experts
The perfect duo for your negotiation
Mag. Roman Taudes, LL.M.
Specialized in IT law, data protection law, and cybercrime. With his LL.M. in IT law and years of experience advising companies after cyberattacks, he knows the legal frameworks in Austria and the EU in detail.
Expertise
- IT contract law and liability issues
- GDPR and data protection emergencies
- Compliance with ransom payments (Sanctions Screening)
- Criminal law in the context of cybercrime
- Advising C-level and boards
Michael Meixner, CISSP
CEO of Tems Security Services and court-certified expert for IT forensics. With over 22 years of IT experience and 8 years at Big 4 firms (KPMG, Deloitte), he has forensically investigated and accompanied numerous ransomware cases.
Expertise
- IT Forensics and Incident Response
- Ransomware analysis and threat intelligence
- Penetration testing and security assessments
- Court expert opinions and securing evidence
- CISSP-certified Incident Response Manager
Frequently Asked Questions
We support you in making the right decision for your company. This can mean NOT paying – for example, if backups work or the attackers are unreliable. If payment is unavoidable, we accompany it in a legally secure and strategically optimal manner.
In Austria and the EU, payment is generally legal as long as no sanctioned terrorist organizations are involved. We check this in advance (OFAC, EU Sanctions Lists) and document all steps.
Within 1-2 hours after your call, we perform an initial assessment and, if necessary, establish contact with the attackers.
We work with transparent package prices, depending on the scope of the case. In an emergency, we discuss the costs in advance – no hidden fees.
Yes, we are familiar with the requirements of cyber insurance and support you in damage reporting and documentation. Our service is often covered by insurance.
No one can guarantee that. However: We check the reputation of the attacker group, demand "Proof of Life," and verify decryption tools before any payments are made.
You remain in control at all times. No decision is made without your consent. You receive regular updates on the negotiation progress.
Every minute counts.
In a crisis, you need partners who know what they're doing. With over 22 years of IT experience, forensic expertise, and legal know-how, we offer you the professional support you need in this critical situation.
Independent. Competent. Transparent.
Let us help you regain control.
24/7 Emergency Hotline
hello@negotiator.helpFor planned prevention consulting: office@negotiator.help