June 11, 2024 – The Ransomware Task Force, launched in 2021 in response to the emerging national, economic, and international security threat posed by ransomware, continues work to tackle ransomware through working groups, convenings, and annual progress reports on the status of its 48 recommendations. Central to its success is the RTF Steering Committee, a group of senior-level leaders and experts in cybersecurity and technology law and policy, who provide support, guidance, and oversight on ongoing RTF lines of effort.
The RTF Steering Committee, composed of 12 individuals from the technology, financial services, legal, and academic sectors, meets biannually to identify strategic opportunities for engagement, provide guidance to help shape the Task Force’s outcomes and timelines, and recruit additional expertise and supporters to the effort. Together, this important group ensures that the RTF remains on top of the latest ransomware trends.
“I see my role on the Ransomware Task Force Steering Committee as an opportunity to provide input on the trends the industry at large is seeing and advise on what may be over the horizon,” said Michael Lashlee, Steering Committee member and Chief Security Officer at Mastercard. “I’m honored to be a part of this Committee and look forward to working with IST and the RTF on protecting our digital ecosystem against cyber threats.”
The Ransomware Task Force recently held its third annual convening, 24 in 24: Doubling Down on the Ransomware Task Force Recommendations. It regularly gathers high-level cybersecurity and ransomware experts to share insights on the ransomware ecosystem, whether in large-scale public events or in small-scale convenings. For Steering Committee member and Vice President of Global Public Policy at Chainalysis Caroline Malcolm, this ability to convene the right people in the room is key. “The Ransomware Task Force has established itself as an invaluable partner to broader industry and to government in tackling the spread of ransomware attacks on public and private infrastructure and entities,” she said. “Bringing together the highest levels of expertise on cybersecurity and ransomware from industry, the Task Force draws on that to deliver training and insights on elements of the ransomware ecosystem.”
In the three years since the formation of the Ransomware Task Force, ransomware has become an even more pervasive threat. An April 2024 Progress Report concluded that of the 48 recommendations made by the RTF in 2021, only 24 had seen significant progress in the years since. Ransomware is so dangerous because it is an “equal opportunity threat,” said Steering Committee member and Cisco Director of Strategic Engagements Wendy Nather, noting that it can affect organizations of any size, and have tremendous ripple effects. “I’m honored to be able to contribute to the RTF’s efforts to fight this widespread cybersecurity battle,” she said.
The most recent Steering Committee meeting took place on the sidelines of RSA 2024, where RTF Executive Director Megan Stifel and IST RTF team members unpacked recent RTF efforts, including the development of a roadmap to potential prohibition of ransomware payments, updates from the International Engagement Working Group, Blueprint for Ransomware Defense awareness campaigns, the information-sharing map produced with input from Payments Working Group members, and responses to the notice of proposed rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act of 2022. “Last month, I had the chance to sit down with the RTF Steering Committee to talk about what comes next for the RTF,” she said. “Thank you to all of our Steering Committee members for dedicating their time and expertise to our efforts to make the digital ecosystem more sustainable and secure.”