NIST publishes draft cybersecurity framework for ransomware risk management
The National Institute of Standards and Technology (NIST) has published a new draft on ransomware guidance for organizations. The document features advice on how to defend against the malware, what to do in the event of an attack, and how to recover from it.
The framework establishes The Ransomware Profile, a guide to help organizations profile the state of their own readiness. The Ransomware Profile maps security objectives from the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 [1] (also known as the Cybersecurity Framework) to security capabilities and measures that support preventing, responding to, and recovering from ransomware events.