The proposed law, the “DHS Cyber Hunt and Incident Response Teams Act,” authorizes the Department of Homeland Security (DHS) to invest in and develop “incident response teams” to help organizations battle ransomware attacks. Part of that means that the DHS would create teams to protect state and local entities from cyber threats and restore infrastructure that has been affected by ransomware attacks.
“Our cyber response teams play an important role in protecting against cyber threats, reducing cybersecurity risks, and helping to get our cyber infrastructure back up and running after an attack occurs,” said Senator Rob Portman (R-OH), a co-author of the plan, in a statement last week. “I am glad the Senate passed our bipartisan legislation and I hope we send it to the president’s desk soon so that we can strengthen our response efforts in the event of a cyberattack.”
A similar bill has already passed in the House of Representatives in 2018, called the “DHS Cyber Incident Response Teams Act of 2018.” Senators said that the two pieces of legislation will now begin a reconciliation process.
It's a start. We're still a long way from being sufficiently protected. The vast majority of ransomware attacks start with a phishing email.