Sign Up for Our Newsletter
Donate

Analysis

Explore our research

Search
Filters

Ransomware Task Force: Doubling Down

Progress Report, Report

Ransomware Task Force: Doubling Down

While the U.S. government and its partners made great strides in combating ransomware in 2023, attacks have only increased. Of the 48 recommendations made in the original RTF Report, our assessment remains unchanged from a year ago: only 24 have seen significant progress.
cybersecurity, incident reporting, ransom payments, Ransomware
April 24, 2024
Information Sharing in the Ransomware Payment Ecosystem: Exploring the Delta Between Best Practices and Existing Mechanisms

Report

Information Sharing in the Ransomware Payment Ecosystem: Exploring the Delta Between Best Practices and Existing Mechanisms

IST's latest report pulls from a recent attack scenario exercise performed by the Ransomware Task Force's Payments Working Group, comparing the results to information sharing case studies including the Hive disruption operation, the Emotet botnet takedown, and the Colonial Pipeline ransom recovery.
Colonial Pipeline, cybersecurity, Emotet, Hive, ransom payments, Ransomware
April 17, 2024
Testimony: Held for Ransom: How Ransomware Endangers Our Financial System

Testimony

Testimony: Held for Ransom: How Ransomware Endangers Our Financial System

On April 16, 2024, Chief Strategy Officer Megan Stifel testified before the House Committee on Financial Services Subcommittee on National Security, Illicit Finance, and International Financial Institutions for a hearing entitled, "Held for Ransom: How Ransomware Endangers Our Financial System."
financial services, ransom payments, Ransomware
April 16, 2024
Roadmap to Potential Prohibition of Ransomware Payments

Memo

Roadmap to Potential Prohibition of Ransomware Payments

The Ransomware Task Force Co-Chairs present a roadmap to potential prohibition of ransomware payments with 16 milestones that, if pursued concurrently by government and the private sector, could reduce the need for a prohibition of ransomware payments in the first place or facilitate its eventual imposition.
ransom payments, Ransomware, roadmap
April 10, 2024
Unlocking U.S. Technological Competitiveness: Evaluating Initial Solutions to Public-Private Misalignments

Report

Unlocking U.S. Technological Competitiveness: Evaluating Initial Solutions to Public-Private Misalignments

In February, Strategic Balancing Initiative working groups identified key misalignments between the public & private sectors in biotech, energy & quantum. Now, SBI draws from working group insights to outline potential solutions that can bridge gaps between emerging tech and the policy apparatus.
biotech, China, energy, quantum, technological competitiveness
March 29, 2024
Public Private Partnerships to Combat Ransomware: An inquiry into three case studies and best practices

Report

Public Private Partnerships to Combat Ransomware: An inquiry into three case studies and best practices

IST, in collaboration with the Global Forum on Cyber Expertise and in support of the International Counter Ransomware Initiative, examines three existing public-private partnerships to combat ransomware: Europol’s European Cybercrime Centre (EC3), the United States Joint Cyber Defense Collaborative (JCDC), and the Institute for Security and Technology’s Ransomware Task Force (RTF). What challenges did they face? What does an ideal public-private partnership look like?
CISA, cyber, EC3, European Cybercrime Centre, JCDC, Joint Cyber Defense Collaborative, PPPs, Public-private partnerships, Ransomware
March 27, 2024
Navigating AI Compliance, Part 1: Tracing Failure Patterns in History

Report

Navigating AI Compliance, Part 1: Tracing Failure Patterns in History

What is the risk of compliance failure in AI foundation models, and how can it be mitigated? The AI Risk Reduction Initiative’s latest report analyzes the history of failures across industries in an effort to avoid future pitfalls, and offers practical frameworks and definitions for practitioners navigating the complex compliance landscape. The first of a two-part series, this report examines 11 case studies from AI-adjacent industries to identify three distinct failure categories: institutional, procedural, and performance.
SecOps “where bits and bytes meet flesh and blood”

In the News

SecOps “where bits and bytes meet flesh and blood”

“We live in glass houses, and people are about to start throwing rocks,” Josh Corman told TechTarget’s IT Ops Query podcast. Josh sat down with Beth Pariseau to discuss UnDisruptable27 and the threat nation states pose to our critical infrastructure systems.
Why Venture Capital Is Indispensable for U.S. Industrial Strategy: Activating Investors to Realize Disruptive National Capabilities

Report

Why Venture Capital Is Indispensable for U.S. Industrial Strategy: Activating Investors to Realize Disruptive National Capabilities

How can the U.S. realize disruptive national capabilities and establish technological leadership in the geostrategic competition with China? From IST’s Strategic Balancing Initiative, a new report calls for harnessing the power of the venture capital industry to unlock innovation, and offers insights for policymakers & practitioners.  
The Implications of Artificial Intelligence in Cybersecurity: Shifting the Offense-Defense Balance

Report

The Implications of Artificial Intelligence in Cybersecurity: Shifting the Offense-Defense Balance

Advances in AI present key cybersecurity opportunities, but how might malicious actors utilize the same technology? IST’s latest report investigates the state of existing and potential integrations of AI in cybersecurity based on our research & interviews with industry stakeholders and puts forward 7 priority recommendations.