Source: This article was first published on Security Magazine.
The National Institute of Standards and Technology (NIST) has published a new draft on ransomware guidance for organizations. The document features advice on how to defend against the malware, what to do in the event of an attack, and how to recover from it.
The framework establishes The Ransomware Profile, a guide to help organizations profile the state of their own readiness. The Ransomware Profile maps security objectives from the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (also known as the Cybersecurity Framework) to security capabilities and measures that support preventing, responding to, and recovering from ransomware events.
The profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to mitigate ransomware threats and to react to the potential impact of events. The profile can also be used to identify opportunities for improving cybersecurity to help thwart ransomware.
The publication also details some basic preventative steps that an organization can take now to protect against the ransomware threat, including:
Steps that organizations can take now to help recover from a future ransomware event include:
NIST says the Ransomware Profile is intended for a general audience and is broadly applicable to organizations that:
Chris Morales, Chief Information Security Officer at Netenrich, a San Jose, Calif.-based Resolution Intelligence provider, says, “It’s good NIST calls out ransomware; however, there isn’t anything particularly new here. It is primarily hygiene based on a prevention strategy, which unfortunately requires the proper staff to do or to even know NIST created these guidelines. This is especially true within mid-size and smaller organizations that attacks are now frequently targeting.”
To access the full document, please visit https://csrc.nist.gov/