May 7, 2024 at 04:11PM
CISA is launching a Ransomware Vulnerability Warning Pilot program to help healthcare, schools, and critical infrastructure organizations address security flaws exploited by ransomware groups. The system sent 1,754 notifications in its first year, resulting in 49% of organizations taking action. The program is set to become a fully automated warning system by the end of next year.
The meeting notes highlight CISA’s efforts to combat ransomware attacks on critical infrastructure organizations. CISA’s Ransomware Vulnerability Warning Pilot program aims to proactively identify and notify entities of vulnerabilities exploited by ransomware threat groups. The program has already sent out 1,754 notifications to organizations, resulting in almost half of them taking action to patch or mitigate the vulnerabilities. The program is a result of the Cyber Incident Reporting for Critical Infrastructure Act and is set to become a fully automated warning system by the end of next year. CISA sees this as one of many tools to help combat ransomware and other cyber threats, likening their approach to a full-court press in basketball.