NIST Introduces NISTIR 8374 to Tackle Ransomware Risk Management

On June 9th, 2021, the National Institute of Standards and Technology (NIST) released its preliminary draft for the Cybersecurity Framework Profile for Ransomware Risk Management (NISTIR 8374), a new ransomware risk management framework.

This framework allows organizations to assess their ransomware readiness and protections through a defined control framework. It uses NIST’s already popular Cybersecurity Framework (CSF) as a base in order to leverage the CSF’s existing control mappings. The full NISTIR 8374 draft is available at csrc.nist.gov/CSRC/media/Publications/nistir/draft/documents/NIST.IR.8374-preliminary-draft.pdf and the abstract reads:

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. In some instances, attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the public. This Ransomware Profile identifies the Cybersecurity Framework Version 1.1 security objectives that support preventing, responding to, and recovering from ransomware events. The profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization's level of readiness to counter ransomware threats and to deal with the potential consequences of events.

For those who have not used the CSF before, the CSF is organized around five top-level categories (Identify, Protect, Detect, Respond, and Recover), each of which contains numerous subcategories. These subcategories are in turn mapped to specific controls in various frameworks such as NIST 800-53, COBIT 5, ISO, CIS CSC and ISA. By building on this existing structure, NIST took the existing control mappings to both NIST 800-53 and ISO 27001 and selected the specific controls from each that focus on the policies and processes relevant to ransomware prevention and incident response. An organization wanting to assess its capabilities would then focus on either the NIST 800-53 or the ISO controls, depending on which control framework it has adopted internally.

NIST is currently seeking public feedback on the framework until July 9th, 2021, after which it will review the comments and potentially revise the framework based on them. While it cannot be determined how much will change as a result of public comments, the expectation is that the changes will not be substantial when the framework is finalized. If your organization has concerns around ransomware protection, detection, and response, NIST has got your back with another one of its industry-recognized frameworks.

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].

In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.


© 2021 Schneider Downs. All rights reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.
