* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/)
* Palo Alto Networks Leads ...

# Palo Alto Networks Leads Efforts to Combat Ransomware

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2021%2F05%2Fpolicy-rtf-combating-ransomware%2F)  
[](https://twitter.com/share?text=Palo+Alto+Networks+Leads+Efforts+to+Combat+Ransomware&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2021%2F05%2Fpolicy-rtf-combating-ransomware%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2021%2F05%2Fpolicy-rtf-combating-ransomware%2F&title=Palo+Alto+Networks+Leads+Efforts+to+Combat+Ransomware&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2021/05/policy-rtf-combating-ransomware/&ts=markdown)  
\[\](mailto:?subject=Palo Alto Networks Leads Efforts to Combat Ransomware)  
Link copied  
By [John Davis](https://www.paloaltonetworks.com/blog/author/john-davis/?ts=markdown "Posts by John Davis")  
May 14, 2021  
4 minutes  
[Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)  
[ransomware](https://www.paloaltonetworks.com/blog/tag/ransomware/?ts=markdown)  
[ransomware task force](https://www.paloaltonetworks.com/blog/tag/ransomware-task-force/?ts=markdown)

This post is also available in: [日本語 (Japanese)](https://www.paloaltonetworks.com/blog/2021/05/policy-rtf-combating-ransomware/?lang=ja "Switch to Japanese(日本語)")

Ransomware is one of society's most pervasive threats, growing from a cybercrime nuisance to a critical risk to national and global security, economic stability, and public safety. The severity of this threat has been highlighted by recent events, including the shutdown of a major U.S. pipeline following an attack by [one of the most prolific cyber extortion gangs](https://unit42.paloaltonetworks.com/darkside-ransomware/).

[Data from](https://unit42.paloaltonetworks.com/ransomware-threat-report-highlights/)the Palo Alto Networks Unit 42 threat intelligence team demonstrates just how rapidly the cost of these attacks is growing: The average cyber ransom paid more than doubled last year to $312,493. So far in 2021, the average payment has nearly tripled again -- to about $850,000. The highest demand our Unit 42 incident response team has seen this year was $50 million -- up from $30 million in 2020.

Adversary tactics are also becoming increasingly egregious. Ransomware actors took advantage of the COVID-19 pandemic in 2020, preying on healthcare organizations and other critical sectors with brazen attacks on operations crucial for saving lives. They also upgraded their infrastructure and recruited heavily. Attacks are also targeting school districts, local governments, hospitals, manufacturing and critical infrastructure -- like the pipeline operator.

To address the rise of ransomware, Palo Alto Networks recently joined more than 60 leaders from industry, academia, civil society and government in a coalition called the [Ransomware Task Force (RTF)](https://securityandtechnology.org/ransomwaretaskforce/). In addition to this whole-of-society effort, Palo Alto Networks is doing its part with technological solutions, developing products and services that can help thwart ransomware attacks. Existing and emerging security technologies can play a critical role in helping address the ransomware crisis.

I have served as one of the co-chairs of this group, which released the report "[Combating Ransomware](https://securityandtechnology.org/ransomwaretaskforce/report/)," with practical and comprehensive recommendations to address the ransomware threat. Palo Alto Networks was also well represented across several of the RTF working groups to help develop the framework, including Adrian McCabe in the *Disrupt* group and Sam Rubin in *Respond* . Sean Morgan and I represented Palo Alto Networks in the *Prepare* group.

On May 5, I was honored to represent the RTF during a [testimony](https://homeland.house.gov/download/davis-testimony-cipi-55) to the [U.S. House of Representatives Committee on Homeland Security](https://homeland.house.gov/activities/hearings/responding-to-ransomware-exploring-policy-solutions-to-a-cybersecurity-crisis). I pledged that our company will continue partnering with policymakers to support solutions that address ransomware, highlighting how critical robust public-private collaboration is to reverse the current trajectory.

After months of research and collaboration, the RTF report was unveiled [during an event](https://youtu.be/ZzK7Vu5rdaE) featuring U.S. Secretary of Homeland Security Alejandro Mayorkas. Leading experts highlighted the report's four goals and five priority recommendations, which include:

## Goals of the Combating Ransomware Report:

1. ***Deter*** ransomware attacks through a nationally and internationally coordinated, comprehensive strategy.
2. ***Disrupt*** the ransomware business model and decrease criminal profits.
3. Help organizations ***prepare*** for ransomware attacks.
4. ***Respond*** to ransomware attacks more effectively.

## Recommendations From the Ransomware Task Force:

1. **Coordinated, international diplomatic and law enforcement efforts** must proactively prioritize ransomware through a comprehensive, resourced strategy.
2. The United States should lead by example and execute **a sustained, aggressive, whole of government, intelligence-driven anti-ransomware campaign**, coordinated by the White House.
3. Governments should establish **Cyber Response and Recovery Funds** to support ransomware response and other cybersecurity activities.
4. An internationally coordinated effort should be developed to provide **a clear, accessible and broadly adopted framework** to help organizations prepare for -- and respond to -- ransomware attacks.
5. **The cryptocurrency sector** that enables ransomware crime should be more closely regulated to adhere to current laws.

While no single organization has all of the capabilities, resources or authority to address ransomware on their own, Palo Alto Networks is fully committed to doing our part to support this critical global effort. Learn more about our approach to [ransomware protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown).

*John Davis is a retired U.S. Army Major General and vice president of public sector for Palo Alto Networks.*

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### The Evolving Threat of Ransomware --- A Call to Action for Cybersecurity](https://www.paloaltonetworks.com/blog/2024/04/the-evolving-threat-of-ransomware/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

[#### Combating Ransomware Attacks: Insights from Unit 42 Incident Response](https://www.paloaltonetworks.com/blog/2023/09/combating-ransomware-attacks-insights/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Average Ransom Payment Up 71% This Year, Approaches $1 Million](https://www.paloaltonetworks.com/blog/2022/06/average-ransomware-payment-update/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Australia's Response to the Rise of Ransomware](https://www.paloaltonetworks.com/blog/2021/10/australias-ransomware-action-plan/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/category/zero-trust-security/?ts=markdown)

[#### Empowering the RAF Association with Next-Generation Cyber Resilience](https://www.paloaltonetworks.com/blog/2026/02/raf-association-next-generation-cyber-resilience/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### 2026 Public Sector Cyber Outlook: Identity, AI and the Fight for Trust](https://www.paloaltonetworks.com/blog/2026/01/public-sector-cyber-outlook/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language