{"id":3038,"date":"2021-10-25T14:23:03","date_gmt":"2021-10-25T14:23:03","guid":{"rendered":"https:\/\/itegriti.com\/kw022024\/?p=3038"},"modified":"2021-10-26T12:33:25","modified_gmt":"2021-10-26T12:33:25","slug":"nist-releases-guidelines-for-managing-the-ransomware-risk","status":"publish","type":"post","link":"https:\/\/itegriti.com\/kw022024\/2021\/compliance\/nist-releases-guidelines-for-managing-the-ransomware-risk\/","title":{"rendered":"NIST Releases Guidelines for Managing the Ransomware Risk"},"content":{"rendered":"

The National Institute of Standards and Technology (NIST) has released the revised draft of NISTIR 8374<\/a> that defines a Ransomware Profile, which identifies security objectives from the NIST Cybersecurity Framework that support preventing, responding to, and recovering from ransomware events. The Ransomware Profile is intended for a general audience. Organizations such as small to medium-sized businesses (SMBs) and operators of industrial control systems (ICS) or operational technologies (OT) may also leverage this guidance and the Cybersecurity Framework.<\/p>\n

The Need for Concise Guidelines<\/h2>\n

This publication comes at a time when cybersecurity incidents and ransomware attacks against critical infrastructures are at all-time high. As Anna Ribeiro reported<\/a>, ransomware attacks have targeted the food sector, while another incident affected the Port of Houston.\u00a0 In the wake of these increased number of attacks targeting U.S. critical infrastructures, the Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly told the Senate<\/a> that \u201cwe are working to address our nation\u2019s shared cybersecurity risk. We must collectively and with great urgency strengthen our nation\u2019s cyber defenses, invest in new capabilities, and reimagine how we think about cybersecurity to recognize that all organizations are at risk and our efforts must focus on ensuring the resilience of essential services.\u201d<\/p>\n

This guidance is yet another indication that ransomware is the emerging leader in the rise of cyberattacks, and that your organization must take action to keep your data safe. Creating an effective security risk management program requires staying current with the latest threats, and then planning accordingly.<\/p>\n

As NIST notes in the draft publication \u201corganizations can follow recommended steps to prepare for and reduce the potential for successful ransomware attacks. This includes identifying and protecting critical data, systems, and devices; detecting ransomware events as early as possible (preferably before the ransomware is deployed); and preparing for responses to and recovery from any ransomware events that do occur.\u201d<\/p>\n

The Five Functions<\/h2>\n

The publication establishes the Ransomware Profile which serves as a guide to help organizations assess the state of their own readiness for a ransomware attack. The profile maps security objectives from the NIST Cybersecurity Framework (CSF) to security capabilities. Informed by NIST CSF, the Ransomware Profile is divided into five categories: identify, protect, detect, respond, and recover.<\/p>\n