Date Published: January 13, 2025
Comments Due: March 14, 2025
Email Comments to:
ransomware@nist.gov
This draft Ransomware Community Profile reflects changes made to the Cybersecurity Framework (CSF) from CSF 1.1 to CSF 2.0 which identifies security objectives that support managing, detecting, responding to, and recovering from ransomware events. Ransomware can attack organizations of all sizes from any sector. You can use this publication to gauge your organization’s readiness to counter ransomware threats, mitigate potential consequences of a ransomware event, and to develop a ransomware countermeasure playbook.
Per the "Note to Reviewers" starting on line 104 of the draft, NIST is interested in answers to the following questions:
General comments on the draft are also welcome.
The public comment period is open now until March 14, 2025. Please send your feedback about this draft and what content would be most valuable in future NIST ransomware guidance to ransomware@nist.gov.
NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.
None selected
Publication:
https://doi.org/10.6028/NIST.IR.8374r1.ipd
Download URL
Supplemental Material:
Ransomware Protection and Response project
Document History:
01/13/25: IR 8374 Rev. 1 (Draft)