To Combat Cyber Crime, White House Initiative Promises Tools; Some Seek Funding, New Laws

As ransomware attacks become epidemic and breaches get larger, the Biden administration is partnering with private industry to bolster security and education in an effort to step up defenses against cybercrime. As part of the initiative, at least one company that offers cyber insurance will require that its policyholders adhere to a set of standards.

Still, health care cybersecurity and compliance experts told RPP that additional steps will be needed—and quickly—to protect health care entities from phishing, hacking and ransomware.

“I think this initiative is a big step in the right direction—it’s great to see that the U.S. government is seriously addressing cybersecurity and working to get ahead of the problem. In addition, seeing the commitment for cybersecurity training is a good sign,” said Adrien Gendre, chief product officer and co-founder of Vade Secure, which offers artificial intelligence-based cybersecurity. “How quickly the initiatives will deliver remains to be seen, and some of them are intended as long-term solutions (i.e., the initiatives focusing on cybersecurity skills and education).”

Gendre said moves by insurers to hold insured companies to a high standard could induce faster change in the private sector. “Cyber insurance companies requiring that businesses meet a threshold of best practices can have an immediate and long-lasting impact, as it forces businesses to get serious about their security or lose their coverage as a result,” he said.

At a White House meeting held Aug. 25, the Biden administration announced that the National Institute of Standards and Technology (NIST) will collaborate with industry and other partners to develop a new framework “to improve the security and integrity of the technology supply chain.”[1]

Top tech companies and insurers, including Microsoft Corp., Google Inc., IBM, the Travelers Companies Inc. and Coalition Inc., committed to participating in the NIST-led initiative. “The approach will serve as a guideline to public and private entities on how to build secure technology and assess the security of technology, including open source software,” according to the fact sheet.

This document is only available to subscribers. Please log in or purchase access.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field