In the first portion of yesterday’s event, Secretary of Homeland Security Ali Mayorkas discussed with me why ransomware is one of his top priorities and the focus for his first sprint, saying, “The threat is real. The threat is upon us. The risk is to all of us.” Small businesses, who comprise the backbone of the American economy, “must be able to defend [themselves] to the fullest extent possible…and it is not a matter of eliminating ransomware, it’s a matter of, quite frankly, defending against the attackers.” Secretary Mayorkas pointed to the Cybersecurity and Infrastructure Security Agency’s ransomware guide as a resource for businesses to improve their cyber risk management.
The second part of the program focused on business resilience and featured a panel of U.S. government and industry experts: Pete Marta, a partner with Hogan Lovells; Eric Goldstein, Executive Assistant Director, Cybersecurity Division, CISA; David M. Smith, Special Agent in Charge, Criminal Investigation Division, Secret Service; and Lisa Wallace, Area Vice President, US Public Sector Security Sales Program, Splunk.
High-Scoring Audience Q&A:
- What are the best tools available right now to detect and prevent ransomware attacks? Check out these free resources:
  - Cyber Readiness Institute: Ransomware Playbook or their White Paper on Small Business Cybersecurity Recommendations for the Biden Administration
  - Secret Service: Preparing for a Cyber Incident – A Guide to Ransomware
  - Global Cyber Alliance’s Small Business Toolkit
- To which law enforcement agency do I report a ransomware incident? There are several options for reporting a cyber incident to the Federal Government, and you should review this guide before doing so.
  - CISA. Businesses can report a cyber incident to either the US-CERT or a Regional Office.
  - U.S. Secret Service. The U.S. Secret Service has a helpful Contacting Law Enforcement Guide. Victims can report an incident to their nearest Field Office and ask to speak to an agent with the Cyber and Fraud Task Force.
  - FBI. The Federal Bureau of Investigation (FBI) has several resources to support ransomware victims, including an NCIJTF Fact Sheet. Organizations can report a crime to either the Internet Crime and Complaint Center (IC3) or an FBI Field Office.
- What does OFAC’s Ransomware Advisory mean for U.S. companies? On October 1, 2020, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an advisory that reiterates the prohibition against U.S. businesses and persons conducting business with or paying funds to any person on the “Specially Designated Nationals and Blocked Persons” list. Organizations developing their incident response plan should consult counsel to review their legal and regulatory obligations, including OFAC’s.
Live Poll Results:
- 93% of respondents consider ransomware an existential threat to their business.
- 88% of respondents do not think their organization will pay a ransom demand.
- 98% of respondents will report a ransomware incident to law enforcement, and 71% know which agency they will report to.
- DHS secretary warns ransomware attacks on the rise, targets include small businesses (ABC News)
- Biden administration, Congress unite in effort to tackle ransomware attacks (The Hill)
- DHS set to launch its ‘most significant hiring initiative’ as part of cyber workforce sprint (Federal News Network)
- DHS Chief: Ransomware Leads DHS Cyber Sprints Due to Urgency (MeriTalk)
- DHS chief Mayorkas cites CISA tools for small businesses heavily targeted by ransomware attackers (Inside Cybersecurity)