donate EXPLORE
donate

Ransomware Task Force (RTF)

Combating the Ransomware Threat with a Cross-Sector Approach

Since launch in April 2021, the Ransomware Task Force (RTF) unites key stakeholders across industry, government, and civil society to innovate new solutions, break down silos, and find effective new methods of countering the ransomware threat.

Ransomware is a prevalent and destructive type of cybercrime, with increasingly dangerous physical consequences. Hospitals, school districts, city governments, public infrastructure, and countless other organizations have found their networks and data held hostage by malicious actors seeking monetary gain. The RTF aims to equip businesses, organizations, and governments of all sizes to prepare for these attacks, effectively respond, and quickly recover.

The RTF hosted an online launch event on April 29th, 2021 with a powerhouse lineup of the experts that led the RTF process, and keynote remarks by the Honorable Alejandro N. Mayorkas, U.S. Secretary of Homeland Security.

On May 20 2022, the RTF hosted a one-year reflective, featuring keynote addresses by National Cyber Director Chris Inglis and Deputy Attorney General Lisa Monaco, fireside chat sessions with current and former CISA directors Jen Easterly and Chris Krebs; and showcase three focused panel discussions, positioning itself and its participating members for accelerated impact in 2022 and beyond.

The Ransomware Task Force Report

Combating Ransomware: A Comprehensive Framework for Action:
Key Recommendations from the Ransomware Task Force | April 2021

In April 2021, the Ransomware Task Force launched its seminal report, Combating Ransomware: A Comprehensive Framework for Action. The product of over 60 experts from industry, government, law enforcement, civil society, and international organizations, the report provided 47 specific recommendations and advocated for a unified, aggressive, comprehensive, public-private anti-ransomware campaign.

Its impact was immediately felt, as governments moved to adopt new policies to empower their agencies to counter the threat, and as organizations found and implemented new tools to keep them and their customers more secure.

Explore the full RTF Report

Progress Reports

As part of our ongoing mission to counter the ransomware threat, the Ransomware Task Force continually reflects on its original recommendations and monitors policy changes across industry and government. We engage with these findings openly, and work with our members to be agile in our ongoing recommendations.

Most recent update: May 2022

Read the RTF Progress Report

Ongoing Lines of Effort

The work of the Ransomware Task Force continues to accelerate, with several discrete lines of effort continuing to build upon the findings of the RTF Report, synthesize the lessons learned and shared among our members and supporters, and adapt to the evolving ransomware threat itself. For 2022, the RTF continues work in the following areas:

  • Cyber Insurance Roundtable Series
  • Cryptocurrency Working Group
  • Blueprint for Ransomware Defense Working Group
  • Victim Notification Working Group
  • International Engagement Working Group

RTF Organization

Effectively combating ransomware requires the dedicated, prioritized attention of experts across industry and government. IST was honored to have the opportunity to convene and work with this groundbreaking coalition and interdisciplinary group of leaders on the Ransomware Task Force. 

The RTF consists of over 60 members from software companies, government agencies, cybersecurity vendors, financial services companies, nonprofits, and academic institutions working together on a comprehensive framework of actionable solutions. Their work synthesized best practices across sectors, identified solutions in all steps of the ransomware kill chain, targeted gaps in solution application, and engaged stakeholders across industries to coalesce around a diverse set of ideas and solutions.



RTF Working Group Co-Chairs

John Davis, Palo Alto Networks
Megan Stifel, IST
Michael Phillips, Resilience
Kemba Walden, Microsoft
Jen Ellis, Rapid7
Chris Painter, The Global Forum on Cyber Expertise Foundation
Michael Daniel, Cyber Threat Alliance
Philip Reiner, IST



RTF Steering Committee Members

Daniel Barriuso, Banco Santander
Raj De, Mayer Brown
Craig Froelich, Bank of America
Royal Hansen, Google
Amy Hogan-Burney, Microsoft
Sandra Joyce, Mandiant
Christopher Krebs, Krebs Stamos Group
Ciaran Martin, University of Oxford
Wendy Nather, Cisco
Jai Ramaswamy, Andreessen Horowitz


Members and Line of Effort Participants Are From

a16z
Amazon Web Services
Aspen Digital
Aviation ISAC
Banco Santander
Bank of America
Blackbaud
BlueVoyant
Center for Internet Security
CFC Underwriting
Chainalysis
CipherTrace
Cisco
Citrix
Coveware
CrowdStrike
CyberPeace Foundation
The CyberPeace Institute
Cybereason
Cyber Threat Alliance
Cybera
CyberArk
Cybersecurity Coalition
Datto
Deloitte
Ernst & Young
FireEye
Jefferson County, CO
K12 SIX

McAfee
Microsoft
National Governors Association
New York Department of Financial Services (NYDFS)
Palo Alto Networks
Rapid7
Recorded Future
Red Canary
Redacted
Resilience
Royal Canadian Mounted Police’s National Cybercrime Coordination Unit (NC3)
SecurityScorecard
The Shadowserver Foundation
Stratigos Security
Team Cymru
Third Way
University of Oxford Blavatnik School of Government
U.K. National Cyber Security Centre (NCSC)
U.K. National Crime Agency (NCA)
U.S. Cybersecurity and Infrastructure Security Agency (CISA)
U.S. Federal Bureau of Investigation (FBI)
U.S. Secret Service (USSS)
U.T. Austin Strauss Center

Announcements and Events

May 2022: Event – Combating Ransomware: A Year of Action

April 2022: IST Joins Cyber Civil Defense Initiative

February 2022: RTF Announces New Funding

April 2021: Launch Press Release

December 2020: Inaugural Press Release


Additional Resources

Emergency Cybersecurity and Ransomware Notice (March 12, 2021)