Datto Holding has announced its collaboration on the Ransomware Task Force’s (RTF) “Combating Ransomware: A Comprehensive Framework for Action” report. Datto CISO, Ryan Weeks is a core member of the RTF, a broad coalition of more than 60 experts in industry, government, law enforcement and international organisations coming together in the fight against ransomware.
The RTF, formed in January by the Institute for Security and Technology, recogniSes that ransomware attacks present an urgent national security risk around the world. According to Datto’s Global State of the Channel Ransomware Report, while threat actors do not discriminate, 95% of MSPs state that their own businesses are increasingly being targeted and 78% of MSPs reported attacks against small and mid-sized businesses (SMB) in the last two years. Any recommended solutions must therefore apply both internationally and to a wide array of affected sectors, including MSPs and SMBs. The varied expertise of the members allowed for multifaceted solutions and a full, comprehensive strategy to stem the ransomware tide.
The 48 recommended actions provide guidance for addressing some of the root causes of the ransomware epidemic, including the low barrier to entry for intelligent cybercriminals, the difficulty of tracing cryptocurrencies, and the lack of law enforcement resources. This has created an environment of safe havens for threat actors.
The RTF finds that MSPs do not commonly provide extensive security coverage or ransomware mitigation but doing so would create a widespread positive impact for SMBs.
To further this effort, baseline requirements for MSPs include:
- Adherence with a cyber-hygiene program (for example, CIS Controls Implementation Group 1 and the NIST Cybersecurity Framework)
- Financial funding and support to help MSPs develop cyber resilience capabilities
- Stricter disclosures of the occurrence of ransomware incidents for increased transparency
- Formation of an MSP-ISAC, an information sharing and analysis centre specific to the unique needs of the MSP industry
Ryan Weeks, CISO, Datto, said, “The release of these findings is an important step both in the US and globally in instituting the proper frameworks, enforcement and funding to make a difference. MSPs continue to be on the frontlines of a cyberwar but need more support and this report elevates this concern. The time for concerted, coordinated action is now. Datto is proud to have played a part in this groundbreaking coalition, and looks forward to the day when the threat of ransomware no longer looms over the heads of citizens, students, teachers, businesses, hospitals and nations.”