Dive Brief:
- The chair of the Federal Trade Commission is urging businesses to do more to protect consumers from ransomware, according to CIO report.
- Ransomware now ranks "among the most troubling cyberthreats," said FTC Chair Edith Ramirez at a recent FTC forum focused on strategies to combat ransomware. "The spate of ransomware incidents are escalating at an alarming rate."
- Ramirez put companies on notice that the agency expects them to play a role in protecting their customers from ransomware. "A company's unreasonable failure to patch vulnerabilities known to be exploited by ransomware might very well violate the FTC Act," said Ramirez.
Dive Insight:
Over the past decade, the FTC has established itself as the government’s chief cybersecurity enforcer when it comes to protecting consumers from a data breach. The FTC has sued several private-sector companies, including LabMD and Wyndham Hotels, for allegedly failing to protect consumer data because of lacking cybersecurity practices.
Recently, the agency has cemented its authority to protect consumers and punish companies that are found mismanaging data. Now, the FTC is looking to also ensure that companies prevent ransomware from taking over their networks.
Cybersecurity policies and regulations are still in their infancy. While cybercrime is rapidly evolving and advancing in capabilities, companies are scrambling to keep up and defend themselves. Federal agencies are also trying to keep up, as they are the organizations tasked with stepping in if companies are found with risky cyber practices.
Though some cybersecurity guidance and regulation is already in place, there will likely be more to come in the future, whether at the federal or state level.
