"GAO Says Federal Agencies Could Improve Collaboration on Ransomware"

Officials from government organizations told the Government Accountability Office (GAO) that federal agencies' ransomware prevention and response assistance was "generally satisfactory." According to the Department of Homeland Security (DHS), ransomware attacks have more than doubled since 2017. Meanwhile, the Multi-State Information Sharing and Analysis Center (MS-ISAC) discovered that from January 2017 to March 2021, State, Local, Tribal, and Territorial (SLTT) governments experienced over 2,800 ransomware incidents. Through a GAO survey, officials generally reported positive views on ransomware guidance, detailed threat alerts, quality no-cost technical assessments, and timely incident response assistance. However, they did cite issues with awareness, outreach, and communication. For example, half of the survey respondents who worked with the FBI cited inconsistent communication as a challenge associated with the agency's ransomware assistance. GAO discovered that the Cybersecurity and Infrastructure Security Agency (CISA), FBI, and US Secret Service took steps to improve interagency coordination through existing mechanisms, such as interagency detailees and field-level staff, and demonstrated coordination on a joint ransomware website, guidance, and alerts when assessing cooperation. However, the GAO report notes that there is room for improvement. The FBI established CyNERGY, an interagency database and coordination platform that allows federal cyber centers and other sector risk management agencies to enter, view, and coordinate a whole-of-government response to malicious cyber incidents and targeted entities. According to the FBI, while the platform was used by a few early adopters, CISA and other relevant agencies did not. Meanwhile, CISA was testing a dashboard for tracking reported ransomware incidents. This article continues to discuss key findings from GAO's ransomware report highlighting that federal agencies provide useful assistance, but there is still a need for improved collaboration. 

HSToday reports "GAO Says Federal Agencies Could Improve Collaboration on Ransomware"