Representatives from the US and UK’s cyber security agencies have met up in London to discuss strategies to counter the growing ransomware threat.
National Cyber Security Centre (NCSC) CEO Lindy Cameron and director of the US Cybersecurity and Infrastructure Security Agency (CISA) Jen Easterly discussed the importance of industry collaboration to complement government efforts to bolster cyber resilience.
The counterparts reflected on a number of cross-sector programs, including the NCSC’s Industry 100 scheme and CISA’s Joint Cyber Defense Collaborative.
Both programs aim to integrate public and private sector resources in a bid to unify crisis action planning and defend against threats to US critical infrastructure.
“It was a pleasure to host director Easterly for our first in-person bi-lateral meeting to discuss the critical issues in cyber security today,” Cameron said.
“Ransomware is a serious and growing security threat that cuts across borders, and it is important for us to maintain a continuing dialogue with our closest ally to tackle it.”
Other issues discussed by the pair included gender diversity, including the NCSC’s CyberFirst Girls Competition, which aims to get more girls interested in the cyber space.
Cameron is also expected to meet with John Tien, deputy secretary of the Department of Homeland Security, in London to discuss other cyber-related issues.
Such meetings between multinational cyber security counterparts’ form part of a broader push to strengthen global co-operation.
In June, NCSC, CISA, the FBI, and the Australian Cyber Security Centre (ACSC) released a joint cyber security advisory highlighting the top common vulnerabilities and exposures (CVEs) routinely exploited by cyber actors in 2020 and vulnerabilities being widely exploited this year.
One of the key findings is that four of the most targeted vulnerabilities in 2020 involved remote work, VPNs, or cloud-based technologies. Many VPN gateway devices remained unpatched during 2020, with the growth of remote work options due to the COVID-19 pandemic challenging the ability of organisations to conduct rigorous patch management.