nist building

Federal Institute Releases Guidelines For How To Respond To Ransomware Attacks

The report, prepared by the National Institute of Standards and Technology, tested a variety of cybersecurity solutions in different IT environments to find out which methods were most effective in fighting ransomware.

  • By Haley Samsel
  • Jan 29, 2020

In response to growing ransomware attacks on businesses and governments small and large, the National Institute of Standards and Technology (NIST) has released draft guidelines to help organizations prepare for “data integrity cybersecurity events” that threaten their operations.

On Monday, the National Cybersecurity Center of Excellence, housed within NIST, issued a framework aimed at assisting firms in developing a strategy for detecting and responding to cyber attacks and ensuring that data critical to their operations and revenue is protected, according to the report.

The center built a laboratory environment to explore 31 methods of responding to cybersecurity incidents in various IT environments “to immediately react to the event in an effort to prevent a complete compromise,” the report reads.

“Destructive malware, ransomware, malicious insider activity, and even honest mistakes all set the stage for why organizations need to quickly detect and respond to an event that impacts data integrity,” the NCCoE authors write. “Businesses must be confident that these events are detected quickly and responded to appropriately.”

The project was part of a partnership with several vendors that offered commercial products for testing as part of the cybersecurity center’s research. Cisco, Tripwire and Symantec were among the companies involved.

The free guide, which will be available for public comment through Feb. 26, focused specifically on potential tool sets for mitigating and containing cybersecurity attacks as well as what strategies security teams could adopt to respond.

“Organizations that do not implement detection and response solutions leave themselves at risk for many types of data integrity attacks,” the authors write, noting that risks could be reduced with integrity monitoring, event detection, vulnerability management, reporting capabilities and more.

Security teams and organization leaders can read the full report and provide public comment through NIST’s website.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • 2024 Gun Violence Report: Fewer Overall Incidents, but School Deaths and Injuries Are on the Rise

    Omnilert, provider of gun detection technology, today released its compilation of Gun Violence Statistics for 2024 summarizing gun violence tragedies and their adverse effects on Americans and the economy. While research showed a decrease in overall deaths and injuries, the rising number of school shootings and fatalities and high number of mass shootings underscored the need to keep more people safe in schools as well as places of worship, healthcare, government, retail and commerce, finance and banking, hospitality and other public places. Read Now

  • Survey: Only 7 Percent of Business Leaders Using AI in Physical Security

    A new survey from Pro-Vigil looks at video surveillance trends, how AI is impacting physical security, and more. Read Now

  • MetLife Stadium Uses Custom Surveillance Solution from Axis Communications

    Axis Communications, provider of video surveillance and network devices, today announced the implementation of a custom surveillance solution developed in collaboration with the MetLife Stadium security team. This new, tailored solution will help the venue augment its security capabilities, providing high-quality video at unprecedented distances and allowing the security team to identify details from anywhere in the venue. Read Now

  • U.S. Cyber Trust Mark Launches for Consumer Internet-Connected Devices

    The White House recently announced the launch of a cybersecurity label for internet-connected devices, known as the U.S. Cyber Trust Mark, completing public notice and input over the last 18 months. During that time, FCC Commissioners decided in a bipartisan and unanimous vote to authorize the program and adopt final rules, as well as the trademarked, distinct shield logo that will be applied to products certified for the U.S. Cyber Trust Mark label. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3