Hosted by Consortium of Cybersecurity Clinics

Guest Speaker: Ian Mandell, Coalition

The Spring 2026 Clinic of Clinics event featured Ian Mandell, Claims Counsel at Coalition, who brought a practitioner’s perspective from the front lines of cyber insurance and incident response. Drawing on Coalition’s extensive dataset and real-world experience supporting small and mid-sized enterprises (SMEs), the session provided a timely look at the evolving ransomware landscape and the operational realities organizations face today.

A central theme of the discussion was the continued rise in ransomware attacks, which have increased by more than 40% in recent periods. Mandell walked attendees through how these attacks unfold in practice, emphasizing not just technical compromise, but also the legal, financial, and strategic decision-making that follows.

One of the most engaging portions of the session focused on ransomware negotiation. Mandell explored how organizations evaluate whether paying a ransom is viable, the factors that influence that decision, and the risks involved in both paying and refusing. This discussion highlighted the complexity of incident response, where technical remediation must be balanced with business continuity, regulatory considerations, and threat actor behavior.

Beyond ransomware, the presentation covered broader trends shaping today’s threat environment, including:

• Emerging cyber threats targeting SMEs
• Common incident patterns observed across industries
• Key operational and financial challenges organizations are currently navigating

Mandell emphasized that small and mid-sized organizations remain particularly vulnerable due to constrained resources, making proactive risk management and cyber insurance an increasingly critical component of their security posture.

The session concluded with an interactive Q&A, where attendees engaged directly with Mandell on topics ranging from incident response workflows to the evolving role of cyber insurance in organizational resilience.

Overall, the event offered valuable, experience-driven insights into how organizations can better prepare for and respond to cyber incidents in an increasingly volatile threat landscape.