Draft NISTIR 8170 provides guidance on how the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) can be used in the U.S. Federal Government in conjunction with the current and planned suite of NIST security and privacy risk management publications. The specific guidance was derived from current Cybersecurity Framework
Strengthening the Cybersecurity of federal networks and critical infrastructure.
This report was prepared pursuant to Section 401 of the Cybersecurity Act of 2015 (Consolidated Appropriations Act of 2016, Div. N, § 401, Pub. L. 114-113, 129 Stat. 2244, 2977-78 ).
NIST-approved cryptographic standards were designed to perform well on general-purpose computers. In recent years, there has been increased deployment of small computing devices that have limited resources with which to implement cryptography. When current NIST-approved algorithms can be engineered to fit into the limited resources of constrained
Symantec has released a detailed report on ransomware.
Ponemon Institute LLC released the findings of a survey they conducted sponsored by Carbonite. This report describes how companies are preparing for and dealing with ransomware attacks.
The New Jersey Cybersecurity & Communications Integration Cell keeps updated profiles on all known ransomware variants.
The Institute for Critical Infrastructure Technology released a report describing how ransomware has developed, the types of ransomware, how they are distributed, what the main targets are for ransomware, and what to do if your system is compromised.
Cisco released a guide describing ransomware and recommendations for preventing a ransomware infection.
The Office of the New York State Comptroller released a guide on ransomware, what to do before paying the ransom, and how to reduce your chances of falling victim to ransomware attacks.