Battling Ransomware: 'We're Targeting the Entire Ecosystem'Marc Rogers of Okta Reviews Progress on Ransomware Task Force Recommendations
More than one year after devastating ransomware attacks disrupted critical infrastructure in numerous countries, including Colonial Pipeline in the United States, the problem hasn't gone away. But numerous governments have helped to marshal a better response by focusing on improving the resilience of domestic businesses, combating the illicit use of cryptocurrency and devoting increased law enforcement resources to track and disrupt criminal syndicates, says Marc Rogers, senior director of cybersecurity at Okta.
Many governments are also implementing numerous recommendations put forth in April 2021 by the Ransomware Task Force, launched by the Institute for Security and Technology.
Rogers, who is part of the institute, reflected on those recommendations just over one year later. "It's broadly good news: 80% of the recommendations were at least implemented to some degree, and something like 25% of them were implemented to a large degree," he says. "No, we haven't gotten rid of ransomware, as everyone will say, but we are at least putting in place the mechanisms and things to deal with this, and more importantly, we're targeting the entire ecosystem, rather than just going after individual cases as they happen."
In a video interview with Information Security Media Group at RSA Conference 2022, Rogers also discusses:
- His work with the Ransomware Task Force;
- Why identity was such a big theme at RSA Conference 2022;
- Offensive cyber activities in the Russian-Ukraine conflict, including misperceptions about a "lack" of cyber operations in the war.
Rogers has over 20 years of cybersecurity experience. He began hacking in the 1980s and is now a white-hat hacker renowned for penetrating Apple's TouchID and the Tesla Model S. Prior to Okta, Rogers served as the head of security for Cloudflare and spent a decade managing security for U.K. telecommunications giant Vodafone. He's been a CISO in South Korea and also co-founded a disruptive Bay Area startup. In the role of technical adviser, he helped create hacks for the TV show "Mr. Robot." He is also an organizer and head of security for DEF CON, the world's largest hacking conference. Most recently, Rogers helped found the CTI League, a multinational cybersecurity initiative combining industry professionals, government agencies and law enforcement agencies from 80 different countries.