Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
NIST NCCoE Published Inital Public Draft NIST IR 8374 Revision 1, Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile
The NIST National Cybersecurity Center of Excellence (NCCoE) has published preliminary draft NIST Internal Report (NIST IR) 8374 Revision 1, Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile for public comment.
Organizations at home and abroad use NIST IR 8374 to guard against ransomware. We are seeking your feedback on the publication’s contents and the future direction of NIST’s ransomware guidance.
NIST IR 8374 Revision 1 incorporates content from Cybersecurity Framework (CSF) 2.0—the updated version of CSF 1.1. The Cybersecurity Framework 2.0 Community Profile identifies security objectives from NIST CSF 2.0 that support managing, detecting, responding to, and recovering from ransomware events. You can also use this publication to gauge your organization’s readiness to counter ransomware threats, mitigate potential consequences of a ransomware event, and develop a ransomware countermeasure playbook.
Share Your Feedback
The public comment period is open now until March 14, 2025. Please send your feedback about this publication and what content would be most valuable in future NIST ransomware guidance to ransomware [at] nist.gov (ransomware[at]nist[dot]gov).
View the publication here: Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile.
For more information about this project, visit NIST’s Computer Security Resource Center here: Ransomware Protection and Response.