NIST Drafts Guidelines for Coping With Ransomware

The National Institute of Standards and Technology has unveiled a pair of draft practice guidelines that offer updated advice and best practices on how to protect the confidentiality, integrity and availability of data in light of increasing threats from ransomware and other large-scale cyber events.

The guidelines offer recommendations for enterprises to contain a ransomware attack or mitigate the impact. For example, they offer details on how to implement backups tied to secure storage capabilities, use network protection and inventory assessments, and create policies to help ensure endpoints are safeguarded.

The draft practice guidelines, Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events, and Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events, were developed by NIST's National Cybersecurity Center of Excellence.

NIST will accept comments on the draft advice until Feb. 26, and then will issue final guidance later this year.

Read more at: BankInfoSecurity