The National Institute of Standards and Technology (NIST) recently published new draft guidance to help organizations defend against, manage, and recover from a ransomware attack.
The draft guidance, The Cybersecurity Framework Profile for Ransomware Risk Management, is intended to be used with the NIST Cybersecurity Framework as well as other guidance from NIST, the Department of Homeland Security, and the Federal Bureau of Investigation.
Organizations can use the draft guidance to improve their risk postures or implement a risk management framework that includes addressing ransomware. Planning can also help organizations that fall victim to a ransomware attack recover more quickly.
A revised copy of the draft guidance will be released based on feedback received before July 09, 2021.
A second commentary period will occur before the final document is published. Sarah Coble “NIST Publishes Ransomware Guidance” infosecurity-magazine.com (Jun. 22, 2021).
The NIST’s new ransomware draft guidance recommends that organizations do the following:
- Keep computers fully patched
- Install antivirus soft ware
- Block access to sites known to contain ransomware
- Only allow the use of authorized apps
- Conduct automatic scans of emails and flash drives
- Restrict the use of personal devices
- Limit accounts with administrative privileges
- Prohibit personal apps
- Provide security awareness training to employees to teach them about the danger of opening files or clicking on links in emails sent from an unknown source
- Develop an incident recovery plan and a comprehensive backup and restoration strategy and maintain a list of internal and external ransomware attack contacts that is kept updated
* Special thanks is given to The McCalmon Group, Inc., which has given us limited permission to reprint this article from www.mycommunityworkplace.org