Ransomware attacks are continuing to rise, and without a doubt the stakes are getting higher. These attacks are increasing in volume and sophistication and while it might be tempting to pay a ransom, doing so only fuels the fire. We are seeing more instances where the public and private sector respond to the pressure and pay the ransom. In addition to this week's OFAC advisory, Senators Warren and Wyden have both introduced separate bills that would hold corporate executives accountable if they fail to take cybersecurity seriously. Ransomware attacks and other cyberthreats will continue to remain constant as our personal lives and business operations continue to digitalise. That’s why choosing to pay a ransom is too often a short-sighted response that could come at a high cost. Research has shown that paying a ransom can double the cost of recovery. Building, maintaining and constantly improving an organisation’s cybersecurity program is always the best approach and there are certainly tools available today that provide cost effective solutions. Fortunately, choosing to pay a ransom is not an approach we’ve seen corporate boards take in the industrial networking and critical infrastructure space. Paying a ransom can be a slippery slope - and even illegal in some cases as we now see with the OFAC advisory. Organisations that give into hackers’ demands are only supporting the profitability and growth of ransomware activity. When it comes to ransomware attacks, prevention will always be better than a cure.  Read Less

As is so often the case the latest executive order signed by President Trump, which prohibits the use of bulk power system equipment from foreign countries to limit the risk to the US power grid, is a step in the right direction, but it does not go far enough. While there are several positives in the order; namely, raising the importance of our grid infrastructure and electric power in our lives, national security, and developed economic life; pointing at countries that may want to challenge our global status, way of life, or ability to keep stable conditions; and seeking to address a potential vector of attack in the backdoors and trojans that could be implanted in foreign-sourced infrastructure equipment. However, there are a few shortcomings. Firstly, it ignores the largest problems in the electric cyber environments: lack of visibility in the networks and any nationally enforceable standards. Secondly, it is not immediately actionable. The order does not name countries, or propose anything specific, it just enables a team to go look at this without clear advice if problems are found. And lastly, even if enforced and specifics were given, i.e. no new equipment from China or Russia in the grid, it does not address all the legacy infrastructure that has been and will be around for a very long time. While this latest executive order on securing the US bulk power system is good in some ways, it is simply not enough. Though it is directionally correct, it left me wanting real substance, and real security.  Read Less