New owner of Canadian ransomware negotiating firm expands its mandate

Share post:

Two of Canada’s best known names in cybersecurity are teaming up again, this time to lead a firm specializing in post-breach remediation. Daniel Tobok and Ed Dubrovsky, formerly the founder and managing director respectively of the Toronto-based incident response firm Cytelligence, are now behind Cypfer, which is moving from focusing on ransomware negotiations into post-incident recovery consulting. Both men left Cytelligence recently, after staying with that firm following its acquisition in December, 2022 by insurance and consulting giant Aon plc. Early last month Tobok announced he had bought Toronto-based Cypfer. A few weeks later he announced that Dubrovsky has joined the company as managing director. Dubrovsky has led international security consulting practices as well as being a chief information security officer (CISO) and chief operating officer. “We’re about recovery post-breach,” Tobok said in an interview from Miami, where he now makes his home. “There’s a very big gap in the market today. When companies get breached, nobody is assisting them to get up and running after an incident. Our whole strategy is to build the largest global organization that will handle post-breach remediation.” Cypfer has 52 employees in Toronto. Tobok hopes to soon add 30 in Miami, which he said has become a big tech hub. He also plans to open offices in Europe, the Caribbean and South America. “Florida has about six major universities,” he said, “with very robust cybersecurity programs. That’s one of the reasons we chose Florida as a base. Miami is also great because we can get international flights. New York is extremely expensive.” Cypfer founder and president Jason Kotler will stay with the company as president. Dubrovsky will be responsible for strategy, execution, innovation and growth. “Once somebody gets breached … their biggest problem is, when they recover, to make sure their data is secure so they don’t get re-infected with ransomware, their credentials are not compromised and they can actually operate properly,” Tobok said. “That’s been a very big problem in the industry because people can re-install software, they can re-install hardware but nobody can actually provide them assurance that their data is secure. That’s what we’re doing.” Asked why the number of cyber incidents continues to rise, Tobok said things are improving. Organizations are “definitely getting more mature about cyber. There’s a lot more software, a lot more hardware, there’s a lot more strategy dealing with cyber. People are handling tabletop exercises and increasing their security budgets. Industry is definitely moving in the right direction. “Unfortunately, not to sound cliche, but it’s a bit of a cat-and-mouse game: We get a little bit ahead and the bad guys are lacking, and three months later the bad guys are a little bit ahead and we’re lacking.” It doesn’t help that sometimes defenders don’t move fast enough to react to certain changes, he added. He pointed to the expansion of global activity of Russian and Ukrainian-based threat groups since the war between the countries began earlier this year. The post New owner of Canadian ransomware negotiating firm expands its mandate first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, April 12, 2024 – A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more

A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more. Welcome to Cyber Security Today. It’s Friday April 12th, 2024. I’m Howard Solomon. Organizations that use products from business analytics provider Sisense [SI-SENSE] are being told to reset user login credentials and digital keys. The warning comes from the

LinkedIn introduces verification for recruiters to combat scams

LinkedIn announced today the launch of a new verification process for job recruiters, a move aimed at curtailing...

Cyber Security Today, Week in Review for week ending Friday, April 5, 2024

This episode features a discussion on a highly critical report on the hacking of Microsoft Exchange Online email accounts, a case study of a ransomware attack and the discovery of a years-long infiltration of an open source group to insert a backdoor

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways