Table of Contents
On June 3rd, 2021, the White House’s Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, released an open letter addressed to corporate executives and business leaders. The letter urged businesses to recognize the escalating threat posed by ransomware and to act swiftly. The strongly worded letter implores that “to understand your risk, business executives should immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations.” Here are some key takeaways from the White House ransomware open letter itself and the context in which it was issued.
This is Everyone’s Problem—We All Need to Do Our Part
The open letter stresses that the federal government has been stepping up to deter ransomware actors. However, the threat posed to the American public is such that the government cannot fight it alone. That’s why the public sector needs to buy into anti-ransomware efforts. A wider range of organizations are falling prey to cybercrime and businesses of every size, industry, and location need to proactively consider what they are doing to meet the ransomware challenge of the times in which we live. It has taken our industry 30 years to get to this point, and while a letter will not change the reality overnight and the struggles of a cybersecurity operation, it does emphasize the gravity of the situation.
Ransomware is Now a Security Crisis on Par with Terrorism
On the same day that the open letter was released, the Department of Justice sent internal guidance to U.S. attorney’s offices elevating ransomware investigations to the same priority level as terrorism, leading FBI Director Cristopher Wray to compare it to the 9/11 attacks. Not only are these attacks are interfering with basic services we all depend on, but also critical services of national importance.
Cyber Insurance is Not for Everyone—or Anyone?
Industry experts have claimed that cybersecurity insurance is worthless because 99% of the time claims are denied. So, should you buy it? It depends on your organization, confidence in your protection and detection ability, and your risk profile. If you do buy it, you may want to have your lawyers ready to sue them when claims are denied.
Anyone Can Be Proficient in Operating Cybersecurity—Even Small & Medium-Sized Enterprises
Setting up a proficient security program should not cost your organization millions of dollars, though it certainly can. Small and medium-sized enterprises can rely on managed security service providers with cybersecurity expertise to help. When your car breaks down, you take it to a mechanic—a car expert. That doesn’t mean that you let them drive it for you every day. It is key to recognize that an MSSP will never know your infrastructure as well as you do or be able to operate your cyberdefenses as well as you could. However, they can help you create a program that fits your business and risk profile. Like other things in life, you cannot completely outsource something as important as cybersecurity but there is help if you need it.
- Review your security posture, your infrastructure, and associated risks.
- Back up your data.
- Test your incident response plan or build one if you do not have one.
- Implement security best practices which include multi-factor authentication.
- Proactively hunt for malicious activity on a network and block it
We will never emerge from this situation unless we start looking for the adversary proactively. A ransomware attack is simply one or more compromise incidents that were not properly addressed. I founded Lumu almost 2 years ago because I believe that, as cybersecurity operators, we have a unique opportunity to take control of the impact cybercrime has on our businesses. Reclaiming that control starts with understanding our unique compromise level at any given moment. Only this will allow us to respond to a compromise in a precise and timely manner, containing the effects and ensuring business continuity.