The National Cybersecurity Center of Excellence has released an initial public draft of “Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile” and is calling for feedback on the publication.
Table of Contents
Managing Ransomware Threats
Also known as NIST Interagency Report 8374, the publication is meant to help readers evaluate whether their organization is prepared to counter ransomware threats, mitigate the effects of a ransomware event and develop a ransomware countermeasure playbook, the National Institute of Standards and Technology said Monday.
The publication, which was developed with the help of industry partners, can also be used by readers to identify areas where they could improve their organizations’ defenses against ransomware.
NIST IR 8374 reflects changes to Cybersecurity Framework 1.1 that are now part of CSF 2.0. These changes include objectives that support the management, detection, response to and recovery from ransomware events.
Input From the Public
Concerning public feedback, NIST is interested in determining which parts of the publication are helpful and which need to be improved. Of particular interest to NIST is determining which types of prioritization and control baselines are helpful.
The agency is also interested in finding out about other resources related to ransomware risk mitigation.
Interested parties have until March 14 to provide feedback. Respondents may also provide general feedback regarding the publication.