The May ransomware attack on Colonial Pipeline exposed the country’s significant vulnerability to cyberthreats.
The attack triggered lines at gas stations, higher prices at the pump, and even some hoarding. It prompted new federal cybersecurity regulations for the pipeline industry and a presidential executive order on cyber defenses. And it brought calls for tougher defenses against such attacks.
“Clearly our path to date hasn’t been good, because of how many companies are dealing with ransomware or data breaches,” says Matt Stamper, CISO and an executive advisor at Evotek and a leader at the IT governance association ISACA.
Many security leaders concur.
They’re concerned about the rapidly rising number of ransomware attacks and the growing sophistication of adversaries supported indirectly or directly by nation-states—support that gives them and the burgeoning ransomware-as-a-service business model better odds at doing substantial damage.