Now Available: Practical Guidelines for Preventing and Mitigating Ransomware

The NIST NCCoE has published the final version of NIST Interagency Report (IR) 8374 Revision 1, Ransomware Risk Management: A Cybersecurity Framework (CSF) 2.0 Community Profile. This resource translates the NIST CSF 2.0 into practical actions organizations and individuals can take to proactively manage and mitigate the risk of ransomware events. 

Ransomware attacks can devastate organizations of any size across all sectors, making it imperative to assess and improve readiness to counter these threats and mitigate their impact. Originally developed based on NIST CSF 1.1, this profile has been updated to align with the NIST CSF 2.0, ensuring it provides the most current guidelines on managing ransomware risk. 

This profile was developed in collaboration with industry to align organizations’ real-world ransomware prevention and mitigation requirements, objectives, risk appetite, and resources with the elements of the NIST CSF 2.0. Organizations can use this document to evaluate current ransomware defenses and identify priority actions to strengthen their resilience against ransomware.

Download the Publication Today!

We encourage you to download the publication today to inform your ransomware countermeasure playbook. If you have any questions, contact the team at ransomware [at] nist.gov.

Released June 11, 2026