The National Institute of Standards and Technology (NIST) develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of the US industry, federal agencies, and the broader public. Our work ranges from specific information that can be put into practice immediately to longer-term research that anticipates advances in technologies and future challenges.

As part of our efforts to cultivate trust in information, systems, and technologies, and to help organizations measure and manage risk, we carry out cybersecurity assignments defined by federal statutes, executive orders, and policies, including developing cybersecurity standards and guidelines for federal agencies.

Our cybersecurity activities are driven by the needs of the US industry, government agencies, and the broader public, and they are undertaken only if our expertise is appropriate for NIST—which is a non-regulatory agency—and can make a difference. We manage very few operational programs, recognizing that other agencies and organizations focus on those aspects of cybersecurity, often using NIST-developed resources to inform their work.

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. Attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the public.

This Ransomware Profile identifies the Cybersecurity Framework Version 1.1 security objectives that support identifying, protecting against, detecting, responding to, and recovering from ransomware events. The profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.