New owner of Canadian ransomware negotiating firm expands its mandate

Share post:

Two of Canada’s best known names in cybersecurity are teaming up again, this time to lead a firm specializing in post-breach remediation. Daniel Tobok and Ed Dubrovsky, formerly the founder and managing director respectively of the Toronto-based incident response firm Cytelligence, are now behind Cypfer, which is moving from focusing on ransomware negotiations into post-incident recovery consulting. Both men left Cytelligence recently, after staying with that firm following its acquisition in December, 2022 by insurance and consulting giant Aon plc. Early last month Tobok announced he had bought Toronto-based Cypfer. A few weeks later he announced that Dubrovsky has joined the company as managing director. Dubrovsky has led international security consulting practices as well as being a chief information security officer (CISO) and chief operating officer. “We’re about recovery post-breach,” Tobok said in an interview from Miami, where he now makes his home. “There’s a very big gap in the market today. When companies get breached, nobody is assisting them to get up and running after an incident. Our whole strategy is to build the largest global organization that will handle post-breach remediation.” Cypfer has 52 employees in Toronto. Tobok hopes to soon add 30 in Miami, which he said has become a big tech hub. He also plans to open offices in Europe, the Caribbean and South America. “Florida has about six major universities,” he said, “with very robust cybersecurity programs. That’s one of the reasons we chose Florida as a base. Miami is also great because we can get international flights. New York is extremely expensive.” Cypfer founder and president Jason Kotler will stay with the company as president. Dubrovsky will be responsible for strategy, execution, innovation and growth. “Once somebody gets breached … their biggest problem is, when they recover, to make sure their data is secure so they don’t get re-infected with ransomware, their credentials are not compromised and they can actually operate properly,” Tobok said. “That’s been a very big problem in the industry because people can re-install software, they can re-install hardware but nobody can actually provide them assurance that their data is secure. That’s what we’re doing.” Asked why the number of cyber incidents continues to rise, Tobok said things are improving. Organizations are “definitely getting more mature about cyber. There’s a lot more software, a lot more hardware, there’s a lot more strategy dealing with cyber. People are handling tabletop exercises and increasing their security budgets. Industry is definitely moving in the right direction. “Unfortunately, not to sound cliche, but it’s a bit of a cat-and-mouse game: We get a little bit ahead and the bad guys are lacking, and three months later the bad guys are a little bit ahead and we’re lacking.” It doesn’t help that sometimes defenders don’t move fast enough to react to certain changes, he added. He pointed to the expansion of global activity of Russian and Ukrainian-based threat groups since the war between the countries began earlier this year. The post New owner of Canadian ransomware negotiating firm expands its mandate first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.


Related articles

Microsoft to block emails from “Persistently Vulnerable Exchange Servers”

Microsoft has announced a new security feature for Exchange Online that will gradually throttle and eventually block emails...

Pinduoduo removed from Google Play Store after cyberattack

According to security researchers at Lookout, Pinduoduo has been involved in a complex malware attack through its application,...

Twitter source code leaked, demands GitHub reveal who posted it there

New York Times says the code posted on GitHub had been there for months. raising securit

Okta’s login flaw exposes users to attack, says Mitiga

According to Mitiga, Okta's login system contains a simple error that could expose its users to future attacks. Users...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways