The National Institute of Standards and Technology (NIST) recently published new draft guidance to help organizations defend against, manage, and recover from a ransomware attack.
The draft guidance, The Cybersecurity Framework Profile for Ransomware Risk Management, is intended to be used with the NIST Cybersecurity Framework as well as other guidance from NIST, the Department of Homeland Security, and the Federal Bureau of Investigation. Organizations can use the draft guidance to improve their risk postures or implement a risk management framework that includes addressing ransomware. Planning can also help organizations that fall victim to a ransomware attack recover more quickly.
A revised copy of the draft guidance will be released based on feedback received before July 09, 2021. A second commentary period will occur before the final document is published. Sarah Coble "NIST Publishes Ransomware Guidance" infosecurity-magazine.com (Jun. 22, 2021).