CYBERSECURITY LEADERSHIP
Dave Cunningham: Ransomware Recovery & Incident Response
One of the most respected names in cybersecurity incident response. As Senior Case Manager at Alvaka Networks — widely recognized as one of the top three ransomware recovery firms in the United States — Dave has spent over a decade on the front lines of some of the most high-stakes cyber incidents in the country.
$10.2M
Avg US data breach cost (2025)
5,010+
US ransomware attacks (2024)
88%
of ransomware hits SMBs
15 min
Alvaka response time
FROM NASA TO CYBER DEFENSE
A Career Built on Solving the Impossible
Dave Cunningham is not your typical cybersecurity professional. He started his career as an aerospace engineer at Rockwell International, where he validated early-phase flight profiles for NASA and developed orbital transfer methods that were eventually used on the International Space Station. He holds two bachelor's degrees in Aerospace Engineering from Auburn University.
In the 1990s, Dave pivoted to technology — founding Cunningham Technology Group and later Bluevar, which became the nation's leading reseller of IBM Tivoli IT Director and an IBM Premier Business Partner. He went on to lead Dempsey Bluevar Inc. as President & CEO before joining Alvaka Networks in 2013.
Today, Dave serves as Senior Case Manager at Alvaka Networks, where he directly manages ransomware recovery engagements for organizations across the country. His engineering discipline — honed at NASA — brings a methodical, high-stakes rigor to incident response that most cybersecurity professionals simply cannot match.
ALVAKA NETWORKS
One of the Top Three Ransomware Recovery Firms
Founded in 1982 and headquartered in Irvine, California, Alvaka Networks is a powerhouse in ransomware remediation and managed IT services. With 100% US-based personnel and a specialization in mid-market to enterprise organizations (500–5,000 employees), Alvaka has built a reputation that the biggest names in the industry trust when everything goes wrong.
Alvaka has performed ransomware recoveries for some of the largest global brands — organizations that cannot afford a single day of unplanned downtime. Their response methodology is built on speed: 15–30 minute initial response times and recovery approaches that reduce downtime by up to five days compared to industry averages.
CIO Applications "Top Cyber Security Service Company" (2021)
GTIA Cybersecurity Trustmark certified
Orange County Register Top Workplace — four consecutive years
Strategic alliance with Ingram Micro for channel-wide ransomware response (2025)
RECENT HIGHLIGHTS
Making an Impact Where It Counts
Ingram Micro Alliance (2025)
Alvaka formed a strategic professional services alliance with Ingram Micro — providing prioritized “break the glass” ransomware remediation access to Ingram Micro's entire US channel partner network. This gives thousands of MSPs and VARs direct access to Alvaka's response capabilities.
“Held for Ransom” Podcast (2025)
Dave was the featured expert on American Banker's “Held for Ransom” podcast, where he broke down how Black Cat/Alpha V groups innovated network-level attacks that bypass endpoint detection — and laid out the four controls every organization needs.
Industry Speaking & Thought Leadership
A sought-after speaker at cybersecurity conferences, Greater Irvine Chamber of Commerce events, and industry webinars. Dave brings a contrarian, practitioner-first perspective that challenges vendor narratives with real-world incident data.
DAVE'S PLAYBOOK
Four Non-Negotiable Cyber Defenses
After five-plus years managing ransomware cases, Dave has distilled prevention down to four core controls. Get these right and you dramatically reduce your attack surface.
MFA Everywhere
Multi-factor authentication is non-negotiable. It remains the single most effective control against unauthorized access.
XDR with 24/7 Monitoring
Extended detection and response with around-the-clock human oversight — because endpoint tools alone miss network-level attacks.
Immutable Local Backups
Backups that threat actors cannot encrypt or delete. When everything else fails, immutable backups are your last line of defense.
Professional Risk Assessments
Regular security risk assessments by qualified professionals — not checkbox compliance exercises, but real vulnerability identification.
THE THREAT LANDSCAPE
US Cybersecurity By the Numbers
The ransomware crisis in the United States is accelerating — and the data makes it clear that no organization is too small to be targeted.
Attack Volume
US ransomware attacks (2024)
5,010++50% YoY
Global active ransomware groups
141+37% from 2023
Ransomware in all breaches (2025)
44%+37% YoY
Hospital systems impacted (2024)
85up from 46
K-12 school districts hit (2024)
116
Financial Impact
Avg US data breach cost (2025)
$10.22M+9% YoY
Avg ransomware incident cost
$5.08M2025
Avg ransom payment (2024)
$2M5x from 2023
SMBs filing bankruptcy after attack
1 in 5
Attacks that go unreported
85%
The Tide Is Turning
63%
of victims refused to pay ransom in 2025, up from 59% in 2024
44%
of organizations halted ransomware before encryption in 2025 (up from 24% in 2020)
80 days
shorter breach lifecycle when AI-driven security is deployed, saving $1.9M per incident
Sources: IBM Cost of a Data Breach 2025, Sophos State of Ransomware 2025, Verizon DBIR 2025, Emsisoft US Ransomware Report 2024–2025, Grand View Research
STRAIGHT TALK
What Dave Gets Right That Others Don't
“Phishing. The risk of a phishing attack — this is a problem that's solved.”
— Dave Cunningham, “Held for Ransom” podcast, March 2025
While the security industry spends billions on phishing awareness training, Dave argues that phishing is a solved problem at the technical level — with proper email security controls and zero-tolerance policies. His experience managing hundreds of ransomware cases over five years backs up a more uncomfortable truth: the real attack vectors are network-level exploits, unpatched vulnerabilities, and weak authentication.
“I have yet to see an attack where AI was implicated.”
— Dave Cunningham on AI-driven cyberattacks, March 2025
Despite the hype around AI-powered attacks, Dave's hands-on case data tells a different story. Threat actors are still using proven, repeatable techniques — including innovations from groups like Black Cat/Alpha V that operate at the network level to bypass endpoint detection entirely. The takeaway: focus on fundamentals, not fear.
MARKET CONTEXT
The Incident Response Market
$46.8B
Global IR market size (2025), growing at 18% CAGR
38.3%
North America's share of the global IR market — the largest region
21%
MDR (Managed Detection & Response) growth rate through 2030
PROTECT YOUR ORGANIZATION
Don't Wait for an Incident
BRITECITY delivers enterprise-grade cybersecurity for mid-market organizations. From 24/7 monitoring to incident response readiness, we ensure you're prepared before the threat arrives.