NIST Releases New “Cybersecurity Framework Profile for Ransomware Risk Management” to Battle Growing Threat of Ransomware Attacks

Faegre Drinker Biddle & Reath LLP


Ransomware incidents continue to rise, wreaking havoc for organizations globally. A ransomware attack targets an organization’s data or infrastructure, and the attacker demands a ransom in exchange for releasing what has been captured. This creates a dilemma for organizations — whether to pay the ransom and rely on the attacker to release the data as promised, or to reject the demand and try to restore the data or operations on their own.

On the heels of new federal actions related to cybersecurity, the National Institute of Standards and Technology (NIST) recently issued a Cybersecurity Framework Profile for Ransomware Risk Management (Ransomware Profile), currently designated “NISTIR 8374.” This new Ransomware Profile “maps security objectives” from the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (Cybersecurity Framework). The Ransomware Profile “can be used as a guide to managing the risk of ransomware events” and can help “gauge an organization’s level of readiness to mitigate ransomware threats and to react to the potential impact of events.”

This is the second cybersecurity framework publication recently released by NIST to help counter ransomware attacks. In late 2020, NIST released its “Zero Trust Architecture” framework as an additional approach to ransomware defense. To learn more about NIST’s Zero Trust Architecture model, read here.

This new NIST Ransomware Cybersecurity Framework Profile is composed of three distinct parts:

  • The Framework Core
  • The Framework Implementation Tiers
  • The Framework Profile

Additionally, the Framework Core is organized into five Functions, intended to be performed concurrently and continuously by adopting entities:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

These Functions “provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk.” In short, the Ransomware Profile builds on the Cybersecurity Framework by using the five Functions of the Framework Core to offer practical steps that organizations can take to safeguard their networks against potential ransomware attacks.

Recognizing the difficulty of implementing reliable ransomware safeguards, the Ransomware Profile also recommends that all organizations put the following basic protections in place as soon as possible to protect themselves from cyberattacks:

  • Use antivirus software at all times
  • Keep computers fully patched
  • Segment networks as applicable
  • Continuously monitor directory services (and other primary user stores)
  • Block access to potentially malicious web resources
  • Allow only authorized apps
  • Use standard user accounts
  • Restrict personally owned devices
  • Avoid using personal apps—such as email, chat, and social media—on work computers
  • Educate employees about social engineering
  • Assign and manage credential authorization

NIST is upping the ante in the battle against the growing threat of ransomware attacks. As cyber attackers continue to expand and morph their strategies to find new ways to attack organizations throughout the country, NIST is expanding its defensive cyber framework guidance. NIST has now issued two new frameworks to provide guidance on keeping organizations and their data and operations safe, particularly against ransomware attacks. Exercising due diligence to ensure that organizations take all possible protective steps is key to limiting cyberattacks and mitigating the attacks that will inevitably occur.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Faegre Drinker Biddle & Reath LLP | Attorney Advertising
