After the recent string of attacks on U.S. critical infrastructure, the Biden Administration called on business leaders directly to protect themselves from ransomware through a number of security best practices including Zero Trust Segmentation of their networks. With additional reports confirming President Joe Biden will address these attacks with Russian President Vladimir Putin in their upcoming meeting, it’s clear that the U.S. is “not taking any options off the table” in mulling over retaliation.

In the future of cyber warfare, ransomware is adversaries’ weapon of choice. With that, and as reflected in the Biden Administration’s Executive Order, it is critical for U.S. federal agencies and the private sector to implement segmentation and Zero Trust into their cybersecurity infrastructures in order to combat the emerging and insidious threat of information warfare. 

This need for a Zero Trust posture is further reinforced by the fact that our complete reliance on detection and prevention techniques to find threats and stop bad actors is failing us. With nation-states operating at all time high levels of sophistication and impact, a failure to recognize this will result in a small incident turning into a catastrophic attack -- with the power to impact human lives.

The White House is calling for immediate actions enterprises should take to mediate the risk of ransomware and other attacks. One of the focus areas was the segmentation of networks.  We have seen firsthand how current compliance measures intersect with new security initiatives such as Zero Trust and Micro-Segmentation. Regulations themselves are not keeping up with these types of technical advances as there are no stated requirements for Zero Trust, but components of the best practices of Zero Trust are imbued into the regulations, and we need the tools and practices that allow our technology to meet our security needs while keeping in compliance.

These are all excellent recommendations. However, there is a missing element of proactive defense here. Organizations need to implement cyber defenses that can reduce the attack surface and detect ransomware attacks in real-time, not just prepare for quickly resuming operations after a ransomware attack. Modern security operations should include data science powered technology paired with traditional cyber defenses to thwart ransomware attacks. Privileged access management, continuous authentication, MFA, risky account discovery and cleanup, intrusion detection, behavioral analytics, data loss prevention, firewalls, Endpoint Detection and Response (EDR) or even better Extended Detection and Response (XDR) - all these are modern security measures needed to keep attackers from successfully penetrating corporate networks and interrupting operations. The technology is available. It’s just a matter of putting it in place and working diligently to identify and derail cybercriminals and malicious insiders before they derail you.