Ransomware Risk Management

The National Institute of Standards and Technology (NIST) has released a new document called Cybersecurity Framework Profile for Ransomware Risk Management. The document contains detailed steps that you can take to reduce the risk of infection, along with ways to prevent ransomware attacks.

They outline these basics

NIST has provided the basic and best approach to preventing and mitigating ransomware events and protecting critical data against them, and it recommends the following:

  • Use antivirus software to scan your systems, emails and flash drives.
  • Keep systems up to date and all software fully patched.
  • Use services or products that block access to ransomware sites.
  • Put a policy in place that only allows authorized apps to be used on computers.
  • Restrict personal devices' access to internal network resources.
  • Do not provide users with local administrative privileges.
  • Block the use of personal apps on work computers, for example email, chat and social media.
  • Provide training regarding what to do with unknown sources.
  • Create an incident recovery plan.
  • Make sure to create a backup plan. Run backups and test your backups.
  • Maintain an updated emergency contact list.


If you would like to review the document in its entirety, feel free to click here to download it.


If you need help or have any questions, please feel free to contact me. If you would like to be notified when I create a new post, you can subscribe to my blog alert.

Patrick Domingues