Archive

Ransomware

Exercise VEIL STORM I: After Action Report

Exercise VEIL STORM I: After Action Report

In partnership with Europol, the Institute for Security and Technology and the Ransomware Task Force’s International Engagement Working Group designed and delivered Exercise VEIL STORM I, a tabletop exercise focused on operational collaboration across international law enforcement agencies and private sector firms in responding to cyber incidents. This after-action report summarizes the proceedings and key takeaways of the exercise.

cyber insurance, cybersecurity, disruption, Europol, information sharing, operational collaboration, public-private collaboration, Public-private partnerships, Ransomware

July 23, 2025

Plan directeur de défense contre les rançongiciels

Plan directeur de défense contre les rançongiciels

En réponse à la mesure 3.1.1 du rapport du Groupe de travail sur la lutte contre les rançongiciels, qui recommande à la communauté de la cybersécurité d’« élaborer un cadre clair de mesures exécutables d’atténuation, d’intervention et de récupération relatives aux rançongiciels », le Groupe de travail sur le Plan directeur de défense contre les rançongiciels a intégré au présent document un sous-ensemble structuré de mesures de protection essentielles en matière de cyberhygiène3, puisées dans le site Web Contrôles de sécurité essentiels du contrôles du CIS® v8.

blueprint, cybersecurity, defend, protect, Ransomware, respond

July 14, 2025

What Does Ransomware Have to Do with War and Peace: IST’s Contributions to the Final UN OEWG Negotiation Session

What Does Ransomware Have to Do with War and Peace: IST’s Contributions to the Final UN OEWG Negotiation Session

IST joined the eleventh and final substantive session of the Open-Ended Working Group on Security of and in the Use of Information and Communications Technologies this week at the UN. While there, we participated in a side event on the Brazil Ransomware Task Force.

Brazil, cybercrime, cybersecurity, cyberspace, International engagement, law, multistakeholder, Organization of American States, Ransomware, United Nations

July 10, 2025

60 Million Reasons to Rethink Vendor Management: IST hosts experts on PowerSchool data breach

60 Million Reasons to Rethink Vendor Management: IST hosts experts on PowerSchool data breach

When a single data breach can affect 60 million students and 10 million teachers, what can states and districts do to protect their communities? IST Senior Director Michael Klein hosted a virtual event unpacking how state and local leaders and policymakers are rethinking their approaches to third-party vendor risk in the wake of the PowerSchool cyber incident.

cybersecurity, k-12, PowerSchool, Ransomware, third party risk, vendor management, vendor risk

July 8, 2025

Without Washington? IST’s Michael Klein joins Panel at CLTC’s Cyber Civil Defense Summit to highlight mechanisms for bolstering state and local cyber resilience

Without Washington? IST’s Michael Klein joins Panel at CLTC’s Cyber Civil Defense Summit to highlight mechanisms for bolstering state and local cyber resilience

In June, IST Senior Director Michael Klein spoke on a panel at UC Berkeley’s Center for Long Term Cybersecurity #CyberCivilDefense Summit addressing shared responsibility of regional cyber resilience. Director for Digital Security Taylor Grossman reflects on the conversation, which highlighted pathways for improving state & local cybersecurity.

Cyber Civil Defense, cyber resilience, local cybersecurity, Ransomware, shared responsibility, SLTT, state cybersecurity

July 2, 2025

Managing Third Party Risk after PowerSchool

June 17, 2025 3:00 pm

Managing Third Party Risk after PowerSchool

When the largest K-12 cyber incident in history can be caused by a teenage hacker logging into a vendor’s customer service portal with just a contractor’s credentials, what can states and districts do to protect their students, teachers, and families?

contractors, cybersecurity, k-12, Ransomware, third party risk, vendor risk

June 17, 2025

Megan Stifel on the Impact of the Ransomware Task Force

Megan Stifel on the Impact of the Ransomware Task Force

Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology, joins the Nexus Podcast to discuss the four years of progress and challenges experienced by the Ransomware Task Force.

Ransomware, Ransomware Task Force

May 27, 2025

Defeating Ransomware: A 360° Review of the RTF Four Years On

May 1, 2025 3:30 pm

Defeating Ransomware: A 360° Review of the RTF Four Years On

It’s been 4 years since the Ransomware Task Force first launched. The RTF helped pioneer the way policymakers approach ransomware and elevated its importance to a true national security threat. Since then, 50% of its recommendations have seen progress – but the others have not. At RSA Conference, IST Chief Strategy Officer & RTF Executive Director Megan Stifel moderates a panel to explore what's worked, and what hasn't.

cybersecurity, deter, Ransomware, respond

May 1, 2025

Enhancing Cyber Resilience through Insurance: Revisiting Anti-Bundling Regulation

Enhancing Cyber Resilience through Insurance: Revisiting Anti-Bundling Regulation

In Enhancing Cyber Resilience Through Insurance, authors Sophia Mauro and Taylor Grossman make the case that cyber insurance has the strategic potential to go beyond consequence management, actually helping its insureds achieve better proactive, pre-incident cybersecurity.

cyber insurance, cyber resilience, cyber risk, cyber threats, insurance, Ransomware, risk-mitigation, underwriting

April 28, 2025

IST at RSA 2025: Zeroing in on hybrid warfare, ransomware, phishing, and more

IST at RSA 2025: Zeroing in on hybrid warfare, ransomware, phishing, and more

Core to our mission at IST is our belief that we achieve more when industry, government, and civil society come together in pursuit of a common goal. We’re proud to join the global community of cyber experts convening in San Francisco next week for RSA Conference!

artificial intelligence, critical infrastructure, cybercrime, cybersecurity, national security, phishing, Ransomware, systemic defense

April 23, 2025

Cyber policy experts join IST’s Future of Digital Security team

Cyber policy experts join IST’s Future of Digital Security team

IST is excited to announce the addition of Nicholas Leiserson as Senior Vice President for Policy, Michael Klein as Senior Director for Preparedness and Response, and Tory Igoe as Future of Digital Security Associate to our Future of Digital Security team.

critical infrastructure, cybersecurity, digital security, incentives, operational collaboration, Ransomware, resilience

April 22, 2025

Exploring the UK’s Ransomware Legislative Proposals

March 26, 2025 9:00 am

Exploring the UK’s Ransomware Legislative Proposals

On March 26, IST and the Ransomware Task Force hosted an in-depth discussion on the UK’s government recent open consultation on ransomware.

critical infrastructure, incident reporting, ransom payments, Ransomware

March 26, 2025

Hit ‘Em Where it Hurts: Understanding and Disrupting the Resourcing Phase in the Ransomware Payment Ecosystem

Hit ‘Em Where it Hurts: Understanding and Disrupting the Resourcing Phase in the Ransomware Payment Ecosystem

Since April 2021, IST’s #RansomwareTaskForce has investigated how to disrupt the infrastructure that ransomware groups rely on to receive payments. Writing for the #NatSpecs blog, Trevaughn Smith presents new strategies for targeting the resourcing phase of the #ransomware ecosystem.

blockchain, bulletproof hosting, cryptocurrency, information sharing, RaaS, Ransomware, resourcing

March 17, 2025

Cracked and Nulled: International Law Enforcement Takes Down Two of the World’s Largest Cybercrime Forums

Cracked and Nulled: International Law Enforcement Takes Down Two of the World’s Largest Cybercrime Forums

In a recent victory against cybercrime, international law enforcement agencies jointly announced in January the successful disruption of Cracked and Nulled, two of the world’s largest cybercrime forums. IST Future of Digital Security Associate Gigi Flores Bustamante breaks down key actions and the operation’s strategic approach to disrupting ransomware.

cybercrime, disruption, FBI, information sharing, infrastructure, public-private collaboration, Ransomware

March 10, 2025

Q&A: Reflecting on IST’s Mission in Action

Q&A: Reflecting on IST’s Mission in Action

In the February 2025 newsletter, on the heels of recent gatherings of the world's most prominent technology and policy leaders, members of IST leadership reflected on what they heard, what seems to be missing from global dialogue, and what IST can do about it.

AI, critical infrastructure, cyber, cybersecurity, Munich Cyber Security Conference, Paris Peace Forum, Public-private partnerships, Ransomware, WEF

February 28, 2025

Ransomware Task Force Announces New Funding and Partners for 2024 and Beyond

Ransomware Task Force Announces New Funding and Partners for 2024 and Beyond

The Institute for Security and Technology’s Ransomware Task Force, now in its fourth year of action, is excited to welcome Zscaler and Mastercard as new supporters. In addition, for 2024, we are grateful for the sustaining support of Craig Newmark Philanthropies, AWS, Bank of America, Banco Santander, Microsoft, Palo Alto Networks, and the Global Forum on Cyber Expertise, with support from the Ministerio de Asuntos Exteriores, Unión Europea y Cooperación of the Kingdom of Spain and the Bureau of Cyberspace and Digital Policy of the United States Department of State.

cyber, Cyber Civil Defense, cybersecurity, funding, Ransomware

December 19, 2024