I wanted to pick up a couple of threads from RSA from last week.
Axios said aloud, “Ransomware is a forever problem now.” I wanted to quote two sentences focusing on a shift to the problem being endemic. “Conversations about ransomware at RSA have shifted from viewing it as an easily squashed nuisance to seeing it as a persistent threat.” And “Ransomware now is treated like any other crime that’s not expected to be easily solved or to vanish after a couple of key arrests, experts told Axios.”
The Biden administration had several representatives out at RSA last week, not just from CISA. The State Department’s ambassador at large, as well as the Office of the National Cyber Director, were onsite.
And from the show, the word is that the implementation plan for the National Cyber Strategy could be available by early summer, per the Acting National Cyber Director Kemba during a roundtable discussion at the RSA Conference.
“When this implementation plan is published, it’s not going to be sexy,” Walden joked. “It’s really going to be about who’s accountable for what, who’s responsible for what in the policy-making process.”
Why do we care?
Endemic isn’t reduced, although I would call the spam problem endemic, and HAS has been reduced. Reducing the financial incentives continues to be my sense of value here. The US government is doing its part to make that happen – it’s up to the private sector to do its part, which is why we care. That’s the work of this audience.
And there does appear to be a solid partner in the US government in fighting back.

