2-Day Instructor-Led Programme
Understand how nation-states weaponise ransomware as an instrument of policy, how to attribute campaigns to state actors, and how to build organisational and national-level response frameworks.
Duration
2 Days
Price
$2,495
Ransomware has evolved from a criminal nuisance into a geopolitical weapon. State-sponsored groups now deploy ransomware to generate revenue for sanctioned regimes, to disrupt critical infrastructure, and to exert political pressure on adversaries. The Lazarus Group, Sandworm, and their affiliates have demonstrated that ransomware can simultaneously fund prohibited weapons programmes while crippling hospitals, logistics networks, and government services. This two-day practitioner programme goes beyond incident response. It addresses the attribution challenge, the policy landscape around ransom payments, the role of cyber insurance, the legal obligations on organisations and governments when state-sponsored ransomware strikes, and how to contribute to national-level response frameworks. Delegates leave with the skills to advise leadership, coordinate with law enforcement, and communicate credibly with regulators and insurers.
State-actor attribution analysis, OFAC compliance advising, ransomware crisis communications, incident coordination with law enforcement, and ransom policy framework design.
Distinguish state-sponsored ransomware from criminal campaigns using attribution methodology.
Apply the attribution confidence scale to communicate uncertainty appropriately to leadership.
Advise the board on ransom payment decisions with reference to legal and sanctions obligations.
Coordinate organisational response with law enforcement and government agencies during a state-sponsored incident.
Design tabletop exercises that simulate state-sponsored ransomware scenarios for executive teams.
Contribute meaningfully to national threat intelligence sharing mechanisms.
Completion of Cyber Warfare Foundations (X-CWF-F) or equivalent awareness.
Working knowledge of incident response processes.
Familiarity with ransomware mechanics at a conceptual level.
Step-by-step learning journey from basics to professional practice
Master these in-demand skills through hands-on practice
A clear view of the roles this programme supports, what typically comes next, and where learners progress over time
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Everything you need to know about the certification exams
You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.
Everything you need to know about this course
Yes. The course is designed for cross-functional teams. Legal, compliance, and risk professionals are core delegates alongside technical leads. Attribution, policy, and legal obligation modules require no coding or tool knowledge.
Take the next step in your professional development