Health-ISAC would like to highlight two ISAC-collaborative papers
recently published by the National Council of ISACs (NCI.)

These are available in full on the NCI website here:



National Council of ISACs Statement of Ransomware

Ransomware is a threat that the National Council of ISACs (NCI) and its member ISACs have been monitoring for years. With the increasing number of incidents of Ransomware, it is more important than ever that all enterprises take appropriate measures to protect themselves. Recently there have been some successes on the part of law enforcement and financial regulators as evidenced by indictments and the seizure of some ransom payments. The NCI calls upon businesses to redouble their efforts at cyber hygiene and references key resources to assist in network defense and pre-attack preparation. Additionally, the NCI is reiterating the importance of law enforcement and regulators across the globe to work with industry to identify, disrupt, and impose consequences on ransomware operators.

No sector is immune to Ransomware attacks. Ransomware can impact organizations of any size in any sector. However, there are steps organizations can take to reduce their risk and recover from a successful attack.

For the recommended steps and a list of resources, please see the full paper on the NCI website here


NCI Principles on Mandatory Reporting

The National Council of ISACs has been facilitating cross sector information sharing since 2003. The NCI and our members are committed to continuing to improve sharing across the NCI Membership, within the individual members, and between industry and government. As policy makers consider implementing mandatory reporting requirements, the NCI believes that it is important policy makers consider the following:

  • – Scoping
  • – Cost and Benefit
  • – Blame the Malicious Actors, Not the Victims
  • – Leverage Existing ISACs to Ease Implementation


The above categories are covered in full and can be found on the NCI website here




Translate »