One of the measures designed to offset cyberattacks is the U.S. Ransomware Disclosure Act. The legislation rests on collecting data, holding it centrally, and using the analysis to take on rogue actors.
The U.S. legislation is centered on a bill, which has received a lot of media attention, that would require organizations to disclose ransomware payments so that the size and currency of those payments can be understood.
The bill comes as the federal government is getting much more serious about the scope and severity of the threat. In fact, between 2019 and 2020, ransomware attacks rose by 62 percent worldwide and by 158 percent in North America alone.
The extent of these attacks demonstrates that organizations with outdated cybersecurity frameworks and networks give hackers easier access and, once a foothold is established, the opportunity to move laterally in search of valuable data. So what can organizations do about this, and is the legislative route the answer?
As to whether the U.S. legislation provides the best option, Digital Journal has heard from Mary Roark, VP of cybersecurity strategy at Accedian. The legislation will certainly increase bureaucracy, and its measures will take time to implement; in the meantime, there are steps that firms can take themselves.
Roark considers whether the ransomware vulnerabilities affecting multiple industries can be delayed and reduced by the U.S. government proposal. She also advises businesses on what they can and should do to strengthen their cybersecurity, so as to avoid the time-consuming process of resolving ransomware attacks and reporting them to the government.
In terms of how cybersecurity breaches happen, Roark is clear about the root causes, stating: “The human element remains the weakest link when it comes to preventing ransomware attacks. Organizations can spend a lot of money and time implementing cybersecurity measures, but it only takes one mistake from an employee to cause a domino effect on the whole company.”
To reduce such mistakes, Roark is certain about what needs to happen, recommending: “With this in mind, organizations need to stop and rethink employee behaviors, teach employees the warning signals of cybersecurity attacks, and limit access to data and systems. In doing so, companies can ‘keep doors closed’ to high-value data and systems, and audit access frequently to prevent privileged access creep.”