Virtual Workshop on Preventing and Recovering from Ransomware and Other Destructive Cyber Events

Wednesday, July 14, 2021

 
Objectives  

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) seeks comments and feedback from government and industry subject matter experts on challenges and the practical approaches to preventing and recovering from ransomware and other destructive cyber events. The NCCoE will open a call for papers on June 4, 2021 and host a follow-up virtual workshop on July 14th, 2021.

 
Background

The National Cybersecurity Center of Excellence (NCCoE) is initiating the development of practices in the form of white papers, playbooks, and demonstrable implementations for organizations to prevent and recover from ransomware and other destructive cyber events that may compromise the confidentiality, integrity, or availability of data and result in adverse operational, reputational, and monetary impacts.

Ransomware attacks continue to increase in both frequency and impact. To date, the NCCoE has released extensive guidance on data security best practices aligning with the NIST Cybersecurity Framework. To further help organizations mitigate risks from ransomware events, the NCCoE is considering new applied cybersecurity guidance, and seeks feedback in the following areas:

  • Current challenges and risks in preventing and recovering from ransomware attacks
  • Recommended improvements to current NIST and NCCoE guidance addressing ransomware and data security
  • Recommendations for new areas of NIST and NCCoE guidance to address ransomware challenges
  • Effective architectures, capabilities, and strategies for preventing and recovering from ransomware attacks
 
NIST invites government and industry subject matter experts and practitioners to express their views related to challenges to implementation, operations, and security associated with the mitigation of ransomware attacks. Papers should be no more than two pages long and shall clearly and succinctly express ransomware challenges and/or mitigations along with any recommended actions for NIST and the NCCoE.

If you would like to present in the lightning session, please submit a position paper no more than two pages long to ransomware@nist.gov no later than June 30, 2021. The NCCoE will publish a summary of these contributions (without attribution) before the workshop to maximize the exchange of ideas.

 

Workshop

Following the call for papers, NIST invites government and industry subject matter experts and practitioners to present their views related to challenges to implementation, operations, and security associated with the mitigation of ransomware attacks. The workshop provides an opportunity for participants to share feedback on all aspects of the planned activities to include: relevant standards, guidelines, and recommended practices; use cases and technologies to be considered; and sources of specifications and guidance. NIST will use the resulting prioritized list of activities to help accelerate the development of a playbook for mitigation of ransomware attacks.

 
Participation

Please register for this workshop as soon as possible. Registration for the workshop will close on July 9, 2021. The workshop will be limited to 1000 participants. The workshop will be recorded and the content will be made available after the event.

 

Please join the community of interest by sending an email to ransomware@nist.gov to get the latest updates on the activities related to mitigating ransomware attacks.

 

Agenda
 

 11:00 – 11:10

 NIST and NCCoE Overview

 11:10 – 11:25

 Workshop Overview and Background

 11:25 – 11:45

 Status of NIST Ransomware Activity

 11:45 – 11:55

 Moderated Q & A

 11:55 – 12:00

 Break

 12:00 – 13:00

 Challenges Section

 13:00 – 13:10

 Moderated Q & A

 13:10 – 13:15

 Break

 13:15 – 14:15

 Ten Minute Participant Lightning Talk Session

 14:15 – 14:30

 Moderated Q & A

 14:30 – 14:45

 Next Steps/Wrap-up (NCCoE)

All times in Eastern Daylight Time (EDT)
 
Questions? 

Please send an email to  ransomware@nist.gov