Trends

White House Ransomware Open Letter: 5 Takeaways

Table of Contents

On June 3rd, 2021, the White House’s Deputy National Security Advisor for Cyber and Emerging Technology, Anne Neuberger, released an open letter addressed to corporate executives and business leaders. The letter urged businesses to recognize the escalating threat posed by ransomware and to act swiftly. The strongly worded letter implores that “to understand your risk, business executives should immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations.” Here are some key takeaways from the White House ransomware open letter itself and the context in which it was issued. 

This is Everyone’s Problem—We All Need to Do Our Part

The open letter stresses that the federal government has been stepping up to deter ransomware actors. However, the threat posed to the American public is such that the government cannot fight it alone. That’s why the public sector needs to buy into anti-ransomware efforts. A wider range of organizations are falling prey to cybercrime and businesses of every size, industry, and location need to proactively consider what they are doing to meet the ransomware challenge of the times in which we live. It has taken our industry 30 years to get to this point, and while a letter will not change the reality overnight and the struggles of a cybersecurity operation, it does emphasize the gravity of the situation. 

Ransomware is Now a Security Crisis on Par with Terrorism

On the same day that the open letter was released, the Department of Justice sent internal guidance to U.S. attorney’s offices elevating ransomware investigations to the same priority level as terrorism, leading FBI Director Cristopher Wray to compare it to the 9/11 attacks. Not only are these attacks are interfering with basic services we all depend on, but also critical services of national importance.

Cyber Insurance is Not for Everyone—or Anyone?

Industry experts have claimed that cybersecurity insurance is worthless because 99% of the time claims are denied. So, should you buy it? It depends on your organization, confidence in your protection and detection ability, and your risk profile. If you do buy it, you may want to have your lawyers ready to sue them when claims are denied. 

Anyone Can Be Proficient in Operating Cybersecurity—Even Small & Medium-Sized Enterprises

Setting up a proficient security program should not cost your organization millions of dollars, though it certainly can. Small and medium-sized enterprises can rely on managed security service providers with cybersecurity expertise to help.  When your car breaks down, you take it to a mechanic—a car expert. That doesn’t mean that you let them drive it for you every day. It is key to recognize that an MSSP will never know your infrastructure as well as you do or be able to operate your cyberdefenses as well as you could. However, they can help you create a program that fits your business and risk profile. Like other things in life, you cannot completely outsource something as important as cybersecurity but there is help if you need it. 

Immediate Steps

  • Review your security posture, your infrastructure, and associated risks.
  • Back up your data.
  • Test your incident response plan or build one if you do not have one.
  • Implement security best practices which include multi-factor authentication.
  • Proactively hunt for malicious activity on a network and block it

My Take

We will never emerge from this situation unless we start looking for the adversary proactively. A ransomware attack is simply one or more compromise incidents that were not properly addressed. I founded Lumu almost 2 years ago because I believe that, as cybersecurity operators, we have a unique opportunity to take control of the impact cybercrime has on our businesses. Reclaiming that control starts with understanding our unique compromise level at any given moment. Only this will allow us to respond to a compromise in a precise and timely manner, containing the effects and ensuring business continuity. Start reclaiming control over the impact of cybercrime by opening a Lumu Free account.

Recent Posts

  • Blog

Lumu & the MSP Community: 2024 in Review

Reading Time: 4 minsLumu has worked hand-in-hand with MSPs throughout a year that consolidated the…

1 week ago
  • Blog

Reflecting on 2024: Lumu’s Innovations in SecOps

Reading Time: 5 minsLumu’s 2024 SecOps advancements focus on automation and smarter threat detection, with…

1 week ago
  • Attacks

Lumu’s Detection & Response to a Real-World DNS Tunneling Attack

Reading Time: 7 minsThis is the story of a serious DNS tunneling attack on a…

2 weeks ago
  • Events

Cybersecurity Insights for MSPs: Lessons from IT Nation Connect 2024

Reading Time: 4 minsDiscover the top insights from Lumu’s pre-conference workshop at IT Nation Connect,…

1 month ago
  • Stories

Cybersecurity Trends 2025 and Beyond: Navigating AI-Driven Evasion Techniques and Autonomous Threats for Resilient Defense

Reading Time: 2 minsAs we move into 2025, AI-driven evasion and autonomous threats will redefine…

1 month ago
  • Trends

CISA Reveals How 12 Ransomware Gangs are Bypassing EDRs

Reading Time: 7 minsEndpoint Detection and Response (EDR) has a critical role in most companies’…

2 months ago