adarma_logo_twgt-black[11615449]
adarma_logo_twgt-black[11615449]
Security Consulting
Strategy & Transformation
Security Engineering
Assessments
Threat Intelligence Exposure Management
Detection & Response
Managed SOC
Microsoft MDR Solution
Security Engineering
Incident Response
Socket Platform
About Us
We Are Adarma

Your partner for effective cyber threat management
ESG

Protecting the promise of cyber resilience
Partners

Working in partnership to make the world a safer place
Careers

Become a Cyber Defender
Contact Us

Get in touch today
Insights
Cyber Hub
Cyber Insiders
News & Blog
SIEM Transformation
Future-Ready SOC Report
SecOps Excellence
Events
Share:
April 9, 2025

From Crisis to Control: Leading a Ransomware Response from the Cyber Frontline

What does it really take to respond to a major ransomware attack? In this episode of Cyber Insiders, Laura Ingram, Managing Consultant at Adarma, shares her firsthand account of leading an incident response team through a critical, high-pressure ransomware crisis.

The customer, a global organisation, had been under sustained attack for ten days before they reached out and engaged Adarma for support. Within 12 hours, Laura and her team were on site, with a clear mission: regain control. The customer’s internal teams were exhausted, infrastructure was under strain, and the attacker was still active in the environment. The pressure to move quickly, and get it right, was intense.

This episode pulls back the curtain on what happens behind the scenes during a full-scale ransomware attack. Laura talks about the immediate need to establish clear chain of command, align teams under one vision, and build trust in an environment where people were already close to burnout. She reflects on the importance of morale, the emotional toll of working round-the-clock, and the power of small human moments that helped restore some sense of normality during a long, intense engagement.

You’ll also hear how Adarma’s “Get Them Out, Keep Them Out” philosophy shaped the team’s technical response, from isolating the attacker to restoring operations securely. Laura explains how they discovered that the threat actors were actively monitoring internal communications and how quickly the team had to pivot to secure new communication channels and regain tactical advantage.

This isn’t just a story of technical know-how. It’s a lesson in leadership under pressure, empathy in action, and the importance of preparation long before an attack hits. Laura shares practical advice on:

  • Establishing the chain of command in a crisis
  • Coordinating effectively across internal and external teams
  • Maintaining morale during long-running incidents
  • Building a cyber resilience roadmap before an incident occurs
  • Running meaningful crisis simulations and SOC maturity assessments
  • Augmenting internal teams with external support when it matters most

 

This episode is essential listening for CISOs, security leaders, and anyone responsible for keeping their organisation safe in the face of cyber threats. It’s a story from the front-line on how one organisation moved from crisis to control, and what it takes to truly stand shoulder-to-shoulder with a customer during their most vulnerable moments.

Tune in to hear how it all unfolded and take away lessons that could help shape your response when the stakes are high.

Let’s Talk

If you would like to learn more about how Adarma can support your organisation’s cyber resilience, please get in touch with us at hello@adarma.com.

To hear more from us, check out the latest issue of ‘Cyber Insiders,’ our c-suite publication that explores the state of the threat landscape, emerging cyber threats, and most effective cybersecurity best practices.

You can also listen to our new podcast, which explores what it’s really like to work in cybersecurity in today’s threat landscape.

Stay updated with the latest threat insights from Adarma by following us on X and LinkedIn.

 

 

Contact Us