The “Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile” is a NIST publication that provides organizations with a practical guide to managing ransomware risks using the updated NIST Cybersecurity Framework 2.0. The document outlines how to align ransomware prevention, mitigation, and response objectives with the framework’s core functions: Govern, Identify, Protect, Detect, Respond, and Recover. It highlights priority categories and subcategories from CSF 2.0 that are especially relevant for ransomware risk, such as risk management strategy, identity and access management, incident response, and recovery planning. The profile helps organizations assess their current readiness, identify gaps, and develop tailored countermeasure playbooks to strengthen resilience against ransomware attacks5. By mapping ransomware-specific needs to the broader CSF 2.0, it enables organizations to prioritize and improve their security posture and operational resilience.
Publication's URL
https://csrc.nist.gov/pubs/ir/8374/r1/ipdAdditional documents on this topic
- CRI Cyber Risk Institute Profile for Financial Sector v2.1 ★★★★★
- NIST IR 8596 Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile): NIST Community Profile ★★★★★
- CIS Controls v8.1 Mapping to NIST CSF 2.0
- NIST CSF 2.0 Mapping to ISO 27002:2022
- ANSSI Cyber threat overview 2024 (in 2025)