NIST Issues Cybersecurity Framework for Ransomware Risk Management

The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) recently issued a Ransomware Profile* identifying steps organizations can take to prevent, respond to and recover from ransomware events**. According to the profile, its “purpose…is to help organizations identify and prioritize opportunities for improving their security and resilience against ransomware attacks.” NIST encourages organizations to use the document as a guide for profiling the state of their own readiness and for identifying gaps in achieving their goal.

**NIST’s National Cybersecurity Center of Excellence (NCCoE) has produced additional reference materials intended to support ransomware threat mitigation. These include: NIST Special Publication (SP) 1800-26, Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events, which addresses how an organization can handle an attack when it occurs and what capabilities it needs to have in place to detect and respond to destructive events; NIST SP 1800-25, Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events, which addresses how an organization can work before an attack to identify its assets and potential vulnerabilities and remedy the discovered vulnerabilities to protect these assets; NIST SP 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events, which addresses approaches for recovery should a data integrity attack be successful; and Protecting Data from Ransomware and Other Data Loss Events, which is a guide for managed service providers to conduct, maintain and test backup files that are critical to recovering from ransomware attacks.

Read more at: JD Supra