IT and cybersecurity practitioners are responsible for the technical implementation of defensive technologies. Before a ransomware incident occurs, healthcare organizations should have an effective security architecture in place to identify, protect, detect, respond to and recover from ransomware. The NIST Ransomware Practice Guides below provide reference designs using existing commercial products that could aid an organization in remediating gaps in an organization’s cybersecurity implementation.
NIST SPECIAL PUBLICATION (SP) 1800-25
Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events
This NIST Ransomware Practice Guide shows how organizations can develop and implement appropriate actions/technologies to remediate gaps in an organization-cybersecurity implementation using existing commercial products, which can be deployed before a detected cybersecurity event.
NIST SPECIAL PUBLICATION (SP) 1800-11
Data Integrity: Recovering from Ransomware and Other Destructive Events
This NIST Ransomware Practice Guide shows how organizations can develop and implement appropriate actions and use various technologies to recover from a cybersecurity event.