Ransomware is no longer just a financial crime; it is an urgent security risk that threatens businesses, and government agencies around the world. Small- and medium-sized enterprises (SMEs) have been increasingly hard hit by ransomware. Accenture's 2019 Cost of Cybercrime Study, for example, revealed that "43% of cyber attacks target small businesses, but only 14% are prepared to defend themselves.”
In response to this growing threat, the Ransomware Task Force (RTF) was formed in December 2020 to find effective new methods of countering the ransomware threat. Operating under the Institute for Security and Technology (IST), the RTF launched it’s seminal report in April of 2021. Within that report, Action 3.1.1 – of particular note to SMEs – called for the cybersecurity community to "develop a clear, actionable framework for ransomware mitigation, response, and recovery”. The Blueprint for Ransomware Defense Working Group – in which ActZero played a significant contributing role – was formed shortly thereafter with the specific goal of developing a set of actionable and easily achievable “Safeguards”. This new Blueprint for Ransomware Defense and it accompanying resources was launched in August 2022.
What’s in the Blueprint?
Aimed at SMEs that have small IT teams with limited cybersecurity expertise, the Blueprint provides a short list of recommended defensive actions that can be taken to combat ransomware and other common cyber attacks. The 40 easily-implementable Safeguards provide "essential cyber hygiene" – the protective controls and foundational capabilities necessary to help defend against general, non-targeted attacks. For further details, read our CXO Insight piece below.