Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. In some instances, attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the public. This serious cybersecurity challenge is becoming more widespread.
To help address this challenge, NIST is releasing two guides:
The final Ransomware Risk Management: A Cybersecurity Framework Profile (NISTIR 8374) incorporates feedback from earlier drafts and is based on the broader Cybersecurity Framework Version 1.1. It can be used as a guide to managing the risk of ransomware events, including gauging an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.
NIST has also developed a companion quick start guide, Getting Started with Cybersecurity Risk Management: Ransomware, designed to help organizations, including those with limited resources to address cybersecurity challenges, easily understand the advice given in the Profile and get guidance on what they can begin implementing today. It’s important to recognize that you don’t need to do everything all at once. Getting started is the key!
Questions? Email us at ransomware@nist.gov.