The US Cybersecurity and Infrastructure Security Agency (CISA) has relaunched a key working group, with ambitious plans to understand the effectiveness of security controls in tackling ransomware and other threats.
The Cybersecurity Insurance and Data Analysis Working Group (CIDAWG) was originally founded in 2016, although the new iteration will be very different, according to CISA deputy director, Nitin Natarajan.
“The working group was re-established to create a venue for collaboration and forward progress with industry on topics where we have shared interests – specifically, understanding what security controls are working most effectively to defend against cyber incidents,” he explained.
“This will help organizations to better understand where to invest resources and will allow the government to ensure our future investments are making the greatest impacts. To put it simply, we want to understand what ‘good’ looks like.”
This is especially important in the context of the ransomware epidemic sweeping the US. A 60% annual increase in incidents reported to the FBI has helped to drive a 49% surge in overall cybercrime losses, from $6.9bn in 2021 to $10.3bn last year, Natarajan noted.
Understanding which security controls are most effective will be key to driving best practice and improving baseline security across organizations, CISA claimed.
When it relaunches in December, CIDAWG will team up with Stanford’s Empirical Security Research Group, with a mission to correlate data with cybersecurity controls to understand their effectiveness.
“CISA will ask working group members to collaborate with Stanford to improve analysis of the aggregated, anonymized loss data and link it with controls effectiveness,” Natarajan explained.
“This analysis will be a resource both for insurers to inform their risk analysis and for CISA to better understand whether efforts like the Cyber Performance Goals (CPGs) and the Secure by Design initiative are translating to reduced cyber risk exposure for organizations that adopt them.”