The Truth about Ransomware (and How to Stop It), with Megan Stifel of IST

Written By Ryan Owen

On this episode of the IoT: The Internet of Threats podcast, Megan Stifel, Chief Strategy Officer at the Institute for Security and Technology (IST) and co-chair of the Ransomware Task Force (RTF) Working Group, joins podcast host Eric Greenwald to discuss the current and future state of ransomware. The RTF recently released a new report, The Blueprint for Ransomware Defense, which the RTF calls a "clear, actionable framework for ransomware mitigation, response, and recovery." Megan and Eric walk through some of the report’s key elements and discuss what small- and medium-sized businesses can do to fight ransomware and whether tactics like regulation and insurance actually help or hurt the fight against ransomware​​.

Interview with Megan Stifel: 

 

Megan Stifel is the Chief Strategy Officer at the Institute for Security and Technology (IST), a San Francisco-based think tank that designs and advances solutions to the world's toughest emerging security threats. Megan also serves as a co-chair of the Ransomware Task Force (RTF) Working Group. Launched in April 2021, the RTF brings together key industry, government, and civil-society stakeholders to combat the ransomware threat with a cross-sector approach. 

Megan is also the founder and CEO of Silicon Harbor Consultants, LLC, and a Visiting Fellow at the National Security Institute at the Antonin Scalia Law School at George Mason University. Prior to these roles, Megan served as a non-resident senior fellow at the Cyber Statecraft Initiative, Global Policy Officer at the Global Cyber Alliance, and Director for International Cyber Policy at the National Security Council. Megan holds a J.D., Law from Indiana University's Maurer School of Law. 

In this interview, Eric and Megan discuss:

  • How small- and medium-sized enterprises can defend against ransomware, even with limited cybersecurity expertise 

  • The current state of ransomware: where it is and where it's going 

  • Whether regulation works in driving companies to improve cybersecurity, or if it just creates compliance theater

  • If ransomware insurance makes things better or actually causes the frequency and severity of ransomware to grow 

 

Find Megan on LinkedIn:

Megan Stifel: https://www.linkedin.com/in/megan-s-1204bb4/

 

Learn more about the Institute for Security and Technology (IST): https://www.linkedin.com/company/institute-security-technology/

Learn more about the Ransomware Task Force (RTF):

https://securityandtechnology.org/ransomwaretaskforce/

Access RTF's Blueprint for Ransomware Defense:

https://securityandtechnology.org/ransomwaretaskforce/blueprint-for-ransomware-defense/

Thank you for listening to this episode of the IoT: The Internet of Threats podcast, powered by Finite State — the leading supply chain cyber-security solution provider for connected devices and embedded systems.

 

If you enjoyed this episode, click subscribe to stay connected and leave a review to get the word out about the podcast.

 

To learn more about building a robust product security program, protecting your connected devices, and complying with emerging regulations and technical standards, visit https://finitestate.io/.

Ryan Owen
Previous

What Keeps an Industrial Cybersecurity Expert up at Night? with Jonathan Tubb of Siemens Energy
Next

You’ve been hacked. Should you call the FBI?