• Home
  • Incident Response 40 for 2022
  • About
  • Webcasts
  • Contact
Cybersecurity Docket
  • Data Breach
  • Global
  • People
  • Regulatory
  • Risk Mgmt
  • Subscribe by email
  • Subscribe
Browse: Home / 2021 / April / 12 / Incident response pros seek to prove due diligence after OFAC advisory

Incident response pros seek to prove due diligence after OFAC advisory

By Securities Docket on April 12, 2021, 8:21 am

Being coerced into paying a large ransomware demand is bad enough. Having to pay a large civil penalty on top of that for transacting with a federally sanctioned cybercriminal group is even worse.

Looking to avoid such fines, incident response (IR) experts are advocating for improvements to ransomware response protocols, including additional oversight and demonstrable due diligence, while also imploring the threat intelligence community to practice responsible threat-actor attribution.

Indeed, a recurring series of questions posed at the Incident Response Forum Masterclass event on Thursday revealed that the incident response industry and their clients are still trying to find their footing six months after the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) released an Oct. 1 advisory warning against companies facilitating ransomware payments to groups who are on the Specially Designated Nationals and Blocked Persons List (“SDN List”) or have a “sanctions nexus.”

Source: Incident response pros seek to prove due diligence after OFAC advisory

Posted in Industry, Top | Tagged Ransomware

« Previous Next »

Now Available!

johnreedstark cover 230

Join Us On LinkedIn

Join the Cybersecurity and Incident Response Group on LinkedIn

Copyright © 2022 Cybersecurity Docket.

Powered by WordPress and Hybrid.