NIST IR 8374 Rev. 1 (Initial Public Draft)

Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile

Date Published: January 13, 2025
Comments Due: March 14, 2025
Email Comments to: ransomware@nist.gov

Author(s)

Murugiah Souppaya (NIST), William Barker (Dakota Consulting), William Fisher (NIST), Karen Scarfone (Scarfone Cybersecurity)

Announcement

This draft Ransomware Community Profile reflects changes made to the Cybersecurity Framework (CSF) from CSF 1.1 to CSF 2.0. The Profile identifies security objectives that support managing, detecting, responding to, and recovering from ransomware events. Ransomware can attack organizations of all sizes from any sector. You can use this publication to gauge your organization’s readiness to counter ransomware threats, mitigate potential consequences of a ransomware event, and develop a ransomware countermeasure playbook.

Per the "Note to Reviewers" starting on line 104 of the draft, NIST is interested in answers to the following questions:

  1. What elements of this Community Profile have been helpful?
  2. Where could this Community Profile be improved?
  3. Are supplemental documents, such as quick start guides, useful? If so, how? If not, why?
  4. What type of prioritization would be most helpful? Control baselines? High/medium/low criticality? Mapping to specific organizational outcomes? Other?
  5. What other ransomware resources have you or your organization used to improve your ransomware risk mitigation strategy? How have those resources been helpful?

General comments on the draft are also welcome.

The public comment period is open now until March 14, 2025. Please send your feedback about this draft and what content would be most valuable in future NIST ransomware guidance to ransomware@nist.gov.  

NOTE: A call for patent claims is included on page iii of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Abstract

Keywords

Cybersecurity Framework; detect; identify; protect; ransomware; recover; respond; risk; security

Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.IR.8374r1.ipd
Download URL

Supplemental Material:
Ransomware Protection and Response project

Document History:
01/13/25: IR 8374 Rev. 1 (Draft)

Topics

Security and Privacy

ransomware

Applications

cybersecurity framework