LockBit Changed Everything and Locked Up Tells Why

What really happens during a ransomware attack?

In this powerful episode of And Security For All, host Kim Hakim sits down with Zach Lewis, CIO & CISO at the University of Health Sciences and Pharmacy in St. Louis, to break down the real-world story behind his new book Locked Up — a firsthand account of surviving a major ransomware incident.

From negotiating with the notorious LockBit ransomware group to navigating board-level decisions about paying (or not paying) a ransom, Zach shares what most organizations never talk about publicly.

🔐 In this episode, we cover:

• What actually happens during a ransomware attack (pre, during & post-breach)
• How ransomware groups like LockBit operate as “ransomware-as-a-service”
• Why some organizations pay — and what happens after they do
• Double extortion & the evolving tactics of cybercriminals
• AI-powered phishing, deepfakes, and the new threat landscape
• How boards are responding to growing cyber risk
• Practical advice for small and mid-sized organizations with limited security budgets
• Lessons learned from real breach recovery

With ransomware, AI-driven attacks, and data extortion on the rise in 2026, this conversation is essential listening for CISOs, IT leaders, board members, business owners, and anyone responsible for protecting sensitive data.

🎧 Whether you're in healthcare, education, finance, or enterprise security — this episode delivers actionable insight from someone who’s lived through it.