Ryan Goldberg, 40, and Kevin Martin, 36, received four-year prison sentences from the U.S. Department of Justice for their roles in BlackCat ransomware attacks. The two cybersecurity professionals deployed the malware against multiple U.S. victims between April and December 2023. The prosecution marks a rare case of insider threat actors with legitimate security credentials facilitating major ransomware operations. Defendants exploited their professional access and technical knowledge to enable the attacks. The sentencing demonstrates law enforcement focus on prosecuting insiders who weaponize cybersecurity expertise against organizations. Defenders should recognize that threat actors often leverage individuals with legitimate credentials and access. Organizations employing security professionals require robust insider threat programs, access controls, and monitoring of privileged accounts. The case underscores risks from trusted personnel with system knowledge and network access.