Cybersecurity Collaborative launches ransomware task force to develop response playbook

High-profile ransomware cases like the attack on Colonial Pipeline last year have got the industry’s attention. Today’s columnist, Shaun Bertrand of CBI, offers four tips on how security teams can mitigate ransomware. (Michael M. Santiago/Getty Images)

Cybersecurity Collaborative launched a task force this month aimed at delivering a ransomware response playbook and best practices guide to cybersecurity professionals.

Ransomware attacks on organizations have grabbed headlines recently and they are viewed as a threat to national and economic security. Cyberattacks are such a potential threat that the Cybersecurity and Infrastructure Security Agency (CISA) formed a public-private partnership in August, called the Joint Cyber Defense Collaborative, to fight ransomware, respond to incidents affecting cloud service providers and develop a national cyber defense strategy.

Threat groups use ransomware to encrypt data on a device, making it unusable until a ransom is paid under the threat of releasing potentially sensitive data.

"It seems every week that we’re reading about another company that’s fallen victim," said Ben Corll, chief information security officer at Coats. Corll said he was excited to join the task force, because ransomware is such a prevalent threat and the real-world input from other CISOs is one of the values of the collaborative.

"One of the things I’ve heard previously is that the bad guys talk with each other and that we need to get the good guys talking to each other," said Corll. "This is a very real and practical way that we’re doing just that."

Matt Stiak, director of cyber risk management for Delta Dental of California, agreed about the importance of collaborating with industry peers on complex topics such as ransomware.

"Not only do we have to worry about maintaining control over our information resources against competitors with large technology innovation budgets and nothing to lose, we also have to continuously refine multi-faceted responses to a successful attack," Stiak said. "Between the interplay of state, national, and international laws; our obligations to our customers, partners, and board of directors; and the moral and ethical demands of paying a ransom, we couldn’t be successful in managing the risks that ransomware pose without the wide variety of perspectives that can only be gleaned from collaboration with industry peers."

The task force by the Cybersecurity Collaborative will meet weekly with the goal of creating:

• a practical best practices guide

• a preparedness questionnaire and plan

• a management and board communications template

• a ransomware incident response playbook

Cybersecurity Collaborative is a membership community for cybersecurity, privacy, and risk leaders to share best practices that maximize their defense readiness. To find out more, visit www.cyberleadersunite.com.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.