Cybersecurity and Infrastructure Security Agency (CISA) Executive Director Brandon Wales said today the private sector needs to do more to help the government tackle ransomware attacks, and expressed hope that the Joint Collaborative Cyber Defense (JCDC) effort between government and industry will go a long way in providing a coordinated approach to address these and other cybersecurity threats.
More help needed
“Ransomware has become an incredible challenge, a security challenge for this country,” Wales said at an event hosted by Axios, “and in which we need the government to do more, [and] we need the private sector to do more.
He said one of the best things the government can do to help businesses protect themselves from attacks is to share information about network protection with them, as well as continue efforts to disrupt attackers and users. financial systems they use to collect ransom payments.
“But we need more from the private sector,” he said. “We need to see more of them both in terms of the information they share with the government after there has been an attack which could allow us to prevent future incidents,” Wales continued, ” and we need them to think hard about paying those ransoms.
Paying the attackers, he said, “has only accelerated the crisis we find ourselves in today, where it is so important, and where these criminal enterprises are attacking larger targets. and more critical as they did with Colonial Pipeline or, or the main meats. production facilities. He stressed that “this cannot continue. “
Part of changing ransomware victims’ calculation in deciding to reimburse their attackers, he said, involves working from the start to make networks more secure and resilient, including through some of the most basic strategies, including adoption of multi-factor authentication, and appropriate remediation of vulnerabilities.
Once an organization was attacked, however, Wales said: “I think the speed with which you are working with the government to make sure that we are following this and that we can help prevent more victims” from being attacked is important. A quick appeal to the government, he said, may also offer a better chance that the federal government can help in more substantial ways, including trying to recover ransom payments.
From a senior perspective, Wales also expressed confidence that the JCDC effort will help government and industry tackle cyber attacks on a much larger scale.
The collaboration, he explained, includes “critical private sector companies … who have very broad visibility into the cyberspace of this country and this world,” including major cloud and internet service providers and vendors. of security.
“These are the companies that have the ability to see what’s going on at all levels,” both in the United States and abroad, he said. “They have the ability to understand what’s going on and take action on a scale that no individual company can do. “
“We have brought everyone together with the goal of bringing together what is best available from the United States government, whether it is from the CISA” or the intelligence agencies, and the private sector, “and say as we see things to happen, what can we do to actually have a large-scale effect.
Ransomware, he said, is one of JCDC’s top priorities “and is embodied in the work we’re trying to do to move from our previous kind of concept of public partnership to true operational collaboration, by taking information and being able to take rapid collective action on a scale that is really necessary to tackle the problem.
“We believe the JCDC is a critical pillar in this effort,” said Wales. “He’s only a few months old, but [we] truly believe this is the future of collective defense in cybersecurity.