Stakeholders across the Internet want to improve its security. But no single entity coordinates efforts, implements sustainable cybersecurity, or addresses digital security market failures. IST unites key stakeholders across industry, government, and civil society to innovate new solutions, break down silos, and find effective new methods to advance digital security, including its work to counter the ransomware threat.
IST Initiatives (Current)
The Ransomware Task Force (RTF) combats the national security threat posed by the ransomware scourge with a cross-sector approach. In April 2021, the Ransomware Task Force launched its seminal report, “Combating Ransomware: A Comprehensive Framework for Action.” The product of over sixty (60) experts, the effort provided forty-eight (48) recommendations and advocated for a unified, aggressive, comprehensive, public-private anti-ransomware campaign. Within the first year, 88% of these recommendations saw some degree of implementation, with 25% experiencing significant progress, including among governments and industry.
As part of its mission to address complex security issues at the forefront of technological innovation, the Institute for Security and Technology (IST) is leading an effort to study ways in which increased access to cutting-edge AI foundation models–across a gradient of access from fully closed to fully open–drives risk and enables opportunity.
Open-source software is the structural building block for the digital infrastructure that supports the modern world. At IST, we believe it is of the utmost importance to develop an approach that anticipates vulnerabilities and other risks such as malicious code before they impact the entire Internet infrastructure.
IST is engaging deep technical expertise to assess the architectures, tools, opportunities, and risks at the intersection of AI and cybersecurity across national security applications. This work includes analysis of open source models, advanced technique proliferation, and intentional mapping of policy conversations to enable industry and government to effectively provide essential input.
The Institute for Security and Technology (IST), in partnership with the Center for Cybersecurity Policy and Law, is pleased to announce the inaugural edition of The Cyber Policy Awards—an annual gathering of the U.S. cyber policy community to honor and celebrate those who drove significant progress in the preceding year, and to make resolutions for the new year.
Castles Built on Sand: Towards Securing the Open-Source Software Ecosystem
Recommendations to reduce the impact of vulnerabilities such as Log4j and prevent future vulnerabilities from arising.
April 2023 | Report
RTF Report: Combating Ransomware
A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force
April 2021 | Report
RTF Progress Reports
As part of our ongoing mission to counter the ransomware threat, the Ransomware Task Force continually reflects on its original recommendations and monitors policy changes across industry and government. We engage with these findings openly, and work with our members to be agile in our ongoing recommendations.
Blueprint for Ransomware Defense
An Action Plan for Ransomware Mitigation, Response, and Recovery for Small- and Medium-sized Enterprises
August 2022 | Report
RTF Year Two: New Map; New Data: Same Mission
We estimate that in 2021 there were well over 4,000 documented ransomware incidents involving at least 60 ransomware “families,” impacting organizations in 109 countries.
July 2022 | NatSpecs Blog