| Develop a national ransomware framework to standardize preparation and response. | Awaiting support |
|---|---|
| Create a national campaign to raise awareness and understanding of ransomware. | Awaiting support |
| Provide financial incentives to entities that comply with national ransomware framework. | Awaiting support |
| Mandate limited baseline security measures for critical infrastructure organizations. | Underway |
| Ensure robust information-sharing across crytocurrency exchanges, incident responders, insurers and law enforcement. | Done |
| Issue formal statements targeting ransomware criminals through diplomatic channels. | Done |
| Form an international law enforcement coalition to target ransomware criminals. | Done |
| Establish working groups and joint ransomware task forces to coordinate disruption efforts. | Done |
| Require cryptocurrency exchanges to comply with the law. | Underway |
| Consistently engage in sustained disruptive actions against ransomware infrastructure. | Done |
| Use victim data in cyber insurance market to support global law enforcement efforts. | Awaiting support |
| Create a ransomware response fund to aid recovery and disincentivize ransom payments. | Awaiting support |
| Communicate existing policies and prohibited activities to insurer consortiums. | Awaiting support |
| Remove tax deductibility allowances for ransomware payments. | Awaiting support |
| Mandate entitites report ransomware incidents to the federal government. | Underway |
| Require organizations to conduct due diligence and cost-benefit analysis prior to paying ransoms. | Underway |
