CRI members endorsed the use of a “Guidance for Organisations to Build Supply Chain Resilience Against Ransomware”
SINGAPORE, Oct. 24, 2025 /PRNewswire/ — Singapore hosted the 5th International Counter Ransomware Initiative (CRI) Summit on 24 October 2025 at Marina Bay Sands, in conjunction with the Singapore International Cyber Week 2025 organised by the Cyber Security Agency of Singapore (CSA). The 5th CRI Summit brought together nearly 150 international representatives from 60 countries, international organisations and private sector entities, reflecting strong global cooperation in the fight against ransomware. This is the first time the Summit is held outside the United States of America (US). Singapore together with Australia, Germany, the United Kingdom (UK), and the US co-chairs the CRI.
Established in 2021, the CRI, comprising 74 member countries and international organisations, is the only multilateral platform dedicated to fostering international collaboration to combat ransomware threats. Of note, this is the first time private sector entities, including Ensign InfoSecurity, participated in the CRI summit, underscoring the importance of public-private partnerships in innovating solutions and strengthening resilience to effectively combat ransomware threats.
Mrs Josephine Teo, Minister for Digital Development and Information, and Minister-in-charge of Cybersecurity and Smart Nation Group, delivered her remarks at the 5th CRI Summit, and said “the CRI represents our collective resolve against the global scourge of ransomware. Singapore is committed to supporting these efforts at the CRI. No country, no matter their capabilities or experience, can combat this wicked problem effectively by going it alone”. She added that it was decided early that membership that was not a matter of ideology. Rather, the CRI would welcome any country prepared to hold ransomware actors accountable and deny them safe harbour.
At the Summit, members engaged in discussions targeted to strengthen international cooperation and improve collective resilience against ransomware threats. Members agreed to
- improve communication between private organisations and governments,
- develop capacity building initiatives to share best practices,
- enhance information sharing,
- improve communication between governments and the private sector, and
- adopt effective recommendations and guidance to address emerging ransomware threats.
At the end of the Summit, the CRI Steering Committee issued a Summary (refer to Annex A), reaffirming a joint commitment to build collective resilience against ransomware threats, support members undergoing ransomware attacks, hold criminal ransomware actors accountable and deny them safe haven, and promote responsible State behaviour in cyberspace.
Additionally, 67 CRI members endorsed a “Guidance for Organisations to Build Supply Chain Resilience Against Ransomware”. Led by Singapore and the UK, the Guidance serves to help organisations develop an approach to improve their supply chain security posture against ransomware attacks (refer to Annex B). This Guidance aims to reduce the likelihood of a ransomware incident having a critical effect on an organisation, and ensure that organisations do not leave supply chains vulnerable to ransomware attacks. It sets out four key steps to help organisations develop an approach to improve their supply chain security posture against ransomware risks:
- Step 1: Understand why supply chain security is important (“why”)
- Step 2: Identify your key supply chain partners and their levels of access (“who”)
- Step 3: Develop a strategy and implementation plan for supply chain security (“what”)
- Step 4: Review and refine your approach.
The Summit underscored the CRI’s commitment to cooperate in combating ransomware and advancing efforts for cybersecurity. Singapore will continue to contribute to the CRI efforts to strengthen international cohesion and collaboration on counter-ransomware policies.
PR Newswire is the newswire partner of the 5th International Counter Ransomware Initiative (CRI) Summit.
Annex
CRI Steering Committee Summary for 2025: Link
Guidance for Organisations to Build Supply Chain Resilience Against Ransomware: Link