Adaptive Segmentationmicro-segmentation October 28, 2021

International Summit on Ransomware: Key Takeaways on How to Build Resilience Against Ransomware

Nathanael Iversen, Chief Evangelist

On October 13th and 14th, the U.S. hosted an international summit on ransomware. While the summit only invited leaders of national governments, it has direct implications for leaders at every level of the public and private sector.

In this blog post, we’ll recap the event and tell you what it means for you.

To do so, we’ll explore:

  • What happened at the summit.
  • The key decisions and takeaways.
  • What the summit means for you, and what next steps you must take.
  • How you can rapidly improve your own resilience against ransomware.

What Happened? Summary of the Summit

The White House virtually hosted more than 30 countries for a summit on the growing problem of ransomware. During the summit, the countries discussed the current state of ransomware and how they could stop the threat.

Over the course of two days, the countries reached agreement on a few points.

  • Ransomware is a rapidly growing threat. Homeland Security Secretary Alejandro Mayorkas stated that U.S. ransomware attacks have increased 300% year-over-year.
  • Ransomware is an international problem. Many countries stated that their critical infrastructure had recently been disrupted by ransomware attacks, proving this is not an issue that only impacts the U.S.
  • Ransomware requires a coordinated response. The attending countries began to work together to build a mutual response that demanded coordinated action from many nations and both the public and private sectors.

Ultimately, the summit affirmed that ransomware has become a big enough threat that governments must intervene to stop it. This aligns with U.S. President Biden’s recent Executive Order on Cybersecurity, and makes it clear that modern threats like ransomware are not going away and demand immediate action.

Now, let’s look at the specific actions the summit discussed to stop ransomware.

What Did They Decide? Key Takeaways

To be clear, this summit was not designed to deliver concrete next steps.

Instead, the summit had one main purpose — to bring together a group of countries to reach an agreement that ransomware is a big problem that they all face and that there are a few anti-ransomware actions that will require international cooperation.

As such, most of the summit focused on anti-ransomware topics that are not actionable by most individual agencies or organizations. Specifically, most of the summit focused on international diplomacy, law enforcement efforts to hold ransomware actors accountable, and countering mechanisms for illicit finance so that ransomware actors can’t move the proceeds from their successful attacks.

Yet, the summit did discuss one topic that applies to every agency and organization — the need to build greater resilience against ransomware attacks. The summit’s joint statement lists a range of “universal cybersecurity best practices [that] can dramatically reduce the likelihood of a ransomware incident and mitigate the risk from a host of other cyber threats.”

These best practices to improve resilience against ransomware include:

  • Effective policy and governance
  • Improvements in basic cyber hygiene
  • Maintaining recent offline data backups
  • Ensuring software patches are up to date
  • Using strong passwords and multi-factor identification
  • Sharing information and lessons learned from incidents
  • User education against opening suspicious links or documents

The joint statement notes that these best practices also require appropriate resources and accountable senior leaders who will drive cybersecurity decision-making. With that in mind, the rest of this post will outline what you must do and how you can better build your own resilience against ransomware.

What Does This Summit Mean for You? Actionable Insights

On one level, you have no immediate “to dos” from the summit. There were no direct mandates that any country or organizations must take action on.

However, the summit does reinforce that ransomware remains top-of-mind for many governments, and they have identified some concrete actions to stop this threat. This ongoing discussion has implications for you and your organization, whether you are in the public or private sector.

If you are in the public sector, you must assume that mandates are coming.

President Biden’s initiative on cybersecurity already created guidelines that federal agencies are expected to follow to protect themselves from modern threats. The precedent is there, and it’s safe to assume ransomware-specific mandates are coming.

Practically speaking, that means you want to get ahead of the curve and begin to implement the summit’s recommendations for ransomware resilience. If you begin to improve your defenses today, then you will prevent a scramble to shore up your security when the government inevitably issues new mandates (with tight timelines).

If you are in the private sector, this advice applies to you as well.

Remember, Biden’s initiative on cybersecurity also included guidelines for government contractors. This establishes another precedent and makes it clear the federal government is happy to use its purchasing power to establish security standards.

Practically speaking, that means you must assume the federal government will establish and enforce a standard anti-ransomware security standard. This standard may be firmly enforced through new regulations, or it may be softly enforced as a suite of expected best practices. Either way, it’s coming and worth getting ahead of.

For everyone, the message of the summit is clear: Ransomware is growing.

There are security standards you can meet to build resilience against ransomware. In some capacity, everyone will be expected to adopt these standards. And it’s better to be proactive and begin to build your anti-ransomware defenses today at your own pace.

Here are a few resources to help you do just that.

What to Do Today? Your Next Steps

Ransomware attack patterns are complex, and there is no single solution that can give you perfect resilience against it. Instead, there are multiple actions you must take to prevent breaches, reduce the impact of incidents, and remove threats quickly.

The following guides will show you how to take those actions and improve your defenses.

  • Ransomware 101: An information-rich resource that answers many of the most common questions about what ransomware is, how most ransomware attacks operate, and what you must do to build resilience against the threat.
  • Stopping Ransomware: See Your Threats With Illumio: A short blog post that explains why visibility is the key to stopping ransomware and how Illumio makes it fast and easy to develop strong anti-ransomware visibility and containment.
  • 9 Reasons to Use Illumio to Fight Ransomware: A quick list of the nine reasons why traditional security tools are failing to stop ransomware, and how Illumio corrects each of these mistakes and makes it easy to protect your org.
  • Mitigating Ransomware With Zero Trust: A Forrester report that outlines why you must stop lateral spread to stop ransomware, how Zero Trust would have stopped a range of recent high-profile ransomware attacks, and why segmentation is the critical component of any Zero Trust strategy.
  • How to Prevent Ransomware from Becoming a Cyber Disaster: A detailed guide that teaches you how to stop ransomware from spreading to its target, how to build endpoint-level ransomware defenses, and how to apply a practical approach to Zero Trust to build automated, scalable protection.
  • How to Fight Ransomware with Illumio’s Visibility and Containment: A detailed resource on the many ways that you can stop ransomware by building visibility and containment capabilities with Illumio.

With these resources, you will develop a clear picture of what capabilities you need to build resilience against ransomware and how you can build those capabilities ASAP.

In addition, we would be happy to jump on a quick call and give you a free consultation. During our call, we will help you define the maturity of your current ransomware resilience and what steps will help you quickly fill any gaps you find.

Adaptive Segmentationmicro-segmentation
Share this post: