U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NISTIR 8374 (Draft)

Cybersecurity Framework Profile for Ransomware Risk Management

Date Published: September 2021
Comments Due: October 8, 2021 (public comment period is CLOSED)
Email Questions to: ransomware@nist.gov

Author(s)

William Barker (Dakota Consulting), Karen Scarfone (Scarfone Cybersecurity), William Fisher (NIST), Murugiah Souppaya (NIST)

Announcement

This revised draft addresses the public comments provided for the preliminary draft released in June 2021.

Ransomware is a type of malware that encrypts an organization’s data and demands payment as a condition of restoring access to that data. In some instances, ransomware may also steal an organization’s information and demand additional payment in return for not disclosing the information to authorities, competitors, or the public. Ransomware attacks target organizations’ data or critical infrastructure, disrupting or halting operations. 

This report defines a Ransomware Profile, which identifies security objectives from the NIST Cybersecurity Framework that support preventing, responding to, and recovering from ransomware events. The profile can be used as a guide to managing the risk of ransomware events. That includes helping gauge an organization’s level of readiness to mitigate ransomware threats and to react to the potential impact of events.

NOTE: A call for patent claims is included on page iii of this draft.  For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

For additional information, visit our Ransomware Protection and Response page.

Abstract

Keywords

Cybersecurity Framework; detect; identify; protect; ransomware; recover; respond; risk; security
Control Families

None selected

Documentation

Publication:
NISTIR 8374 (Draft) (DOI)
Local Download

Supplemental Material:
None available

Document History:
06/09/21: NISTIR 8374 (Draft)
09/08/21: NISTIR 8374 (Draft)
02/23/22: NISTIR 8374 (Final)

Topics

Security and Privacy
malware

Applications
cybersecurity framework