The Evolving Face of Ransomware — and How We Can Stay Ahead of It

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | RSS

Ransomware has been part of the cybersecurity conversation for years, but if you think it’s yesterday’s problem, think again. The headlines might be dominated by AI these days, yet behind the scenes, ransomware continues to disrupt organizations of every size — from small businesses to multinational enterprises.

In this episode of the TechSpective Podcast, I sat down with Rob Harrison, Senior Vice President of Product Management at Sophos, for a wide-ranging conversation about findings from the recent Sophos State of Ransomware Report, ransomware’s persistent threat, the critical role of Managed Detection and Response (MDR), and how AI is reshaping the security landscape.

Fortunately, it was not a typical “cyber doom” discussion.

Rob brings a unique perspective, blending his experience leading Sophos’ MDR business with a career that’s spanned everything from defending national security to protecting critical cloud workloads. Our talk dives into the trends shaping both the technical and human sides of ransomware response — and why some organizations emerge stronger while others don’t survive at all.

Why This Conversation Matters

While ransomware hasn’t disappeared, the tactics have evolved. The game is no longer just about encrypting data and demanding payment. The threat landscape is shifting toward double extortion, data exfiltration, and in some cases, skipping encryption altogether. Rob and I explore how this evolution is forcing organizations to rethink their approach to prevention, detection, and response.

We also discuss how MDR can be a game-changer, particularly for organizations without the resources or expertise to run a 24/7 security operation in-house. It’s not just a question of technology — it’s about having the right people, processes, and visibility to act decisively when every second counts.

But what about AI? It’s easy to assume that “AI in security” is just another buzzword. We unpack how AI — especially in its more agentic and automation-focused forms — is already making a real impact in the SOC. From handling tedious, repetitive tasks to providing richer context for human analysts, AI is becoming a force multiplier for security teams.

The Human Factor

One of the most compelling parts of our conversation focuses on the human cost of ransomware — the stress, burnout, and organizational disruption it leaves behind. Rob offers insights on how to prepare for worst-case scenarios, not just from a systems and data standpoint, but from a leadership and team perspective.

We also touch on the importance of preparation and practice. Just as pilots run flight simulations and first responders drill for emergencies, organizations need to rehearse their incident response. That way, when the heat is on, muscle memory kicks in, roles are clear, and decisions are made with confidence.

Why You Should Listen

If you’re a security leader, business owner, IT professional, or simply someone interested in how technology, strategy, and human decision-making intersect in the fight against ransomware, this episode is for you. We cover:

• The changing tactics of ransomware operators
• How MDR can extend or even replace in-house capabilities
• The role of AI in modern security operations
• Strategies for reducing the human toll of cyber incidents
• The importance of preparation, communication, and trust in response efforts

This is not a doom-and-gloom story. It’s a conversation about resilience, about making smarter security decisions, and about ensuring that when — not if — an incident occurs, your organization is ready.

Listen to the full episode now to hear the full discussion and take away actionable insights you can apply today.