The Joint Ransomware Task Force, established as part of the landmark incident reporting legislation signed into law by President Joe Biden earlier this year, held its second meeting last Wednesday and unveiled a series of working groups focused on specific areas of the digital epidemic — the most concrete action taken to date by the work-in-progress group.
In particular, let’s highlight two working groups:
- Measurement: Collecting data and metrics that will improve the cybersecurity community’s collective understanding of ransomware affecting U.S. organizations and trends associated with actors, victims, and impacts, which will, in turn, inform U.S. government actions to counter the threat, provide more actionable guidance, and evaluate progress.
- Partner Engagement: Expanding operational collaboration and multi-directional intelligence sharing between JRTF members and non-governmental partners, including the private sector and the international community, to more effectively prevent, detect, and respond to evolving ransomware campaigns.
Why do we care?
Ever so slow forward progress from the federal government. Progress, nonetheless. We care to watch for the outputs of these working groups and an opportunity to contribute to the process.
Here’s a dream – wouldn’t it be nice to have a more formalized set of data and metrics to collect that was industry defined?