The recently announced Cybersecurity Insurance and Data Analysis Working Group (CIDAWG) represents a renewed initiative aimed at providing robust support to small businesses, which are often more susceptible to cyber threats. Announced last month by Nitin Natarajan, Deputy Director of the Cybersecurity and Infrastructure Security Agency (CISA), this renewed effort serves as an enhanced iteration of its 2014 predecessor.
The primary objective of CIDAWG is to foster collaboration between industry stakeholders and government entities, with a focus on identifying effective security measures against cyber incidents and establishing standards for "good" cybersecurity in the dynamic digital landscape.
This collaborative effort involves key partners such as CISA, the Treasury Federal Insurance Office, the Volatility and Risk Institute at New York University Stern School of Business, and Stanford’s Empirical Security Research Group (ESRG.) Being an empirical lab, the ESRG actively constructs systems to analyze global datasets to gain insights into real-world behavior and challenges and designs more resilient systems and protocols.
CIDAWG is committed to ensuring that its analyses yield comprehensive and practical insights into how and where industries and organizations should be investing regarding cybersecurity.
Small businesses encounter significant cybersecurity challenges due to limited financial and technical resources, rendering them vulnerable to the potentially severe consequences of cyber threats. Natarajan highlights the escalating risk of ransomware, with reported attacks surging by 60% from 2018 to 2022 and ransom demands surpassing $1 million.
The recent “Cyber Incident Reporting for Critical Infrastructure Act of 2022” enactment bolsters CISA's capabilities. This legislation mandates organizations to report cyber incidents within 72 hours and ransom payments within 24 hours, ensuring swift responses and information sharing. Natarajan emphasizes the crucial role of prompt reporting in mitigating the ability of malicious actors to execute multiple intrusions using the same techniques.