U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

NIST IR 8374r1 Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile

Published

Author(s)

William Fisher, Murugiah Souppaya, William Barker, Karen Kent

Abstract

Ransomware is a type of malicious attack where attackers encrypt an organization's data and demand payment to restore access. Attackers may also steal an organization's information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the public. This Cybersecurity Framework (CSF) 2.0 Community Profile identifies the security objectives from the NIST CSF 2.0 that support governing management of, identifying, protecting against, detecting, responding to, and recovering from ransomware events. The Profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization's level of readiness to counter ransomware threats and to deal with the potential consequences of events. This Profile can be leveraged in developing a ransomware countermeasure playbook.
Citation
NIST Interagency/Internal Report (NISTIR) - 8374r1
Report Number
8374r1
NIST Pub Series
NIST Interagency/Internal Report (NISTIR)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.IR.8374r1
Local Download

Keywords

Cybersecurity Framework, detect, identify, protect, ransomware, recover, respond, risk, security.
Cybersecurity and privacy

Citation

Fisher, W. , Souppaya, M. , Barker, W. and Kent, K. (2026), NIST IR 8374r1 Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8374r1, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=960361 (Accessed June 12, 2026)
Additional citation formats

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created June 11, 2026
Was this page helpful?