The Institute for Security and Technology’s Ransomware Task Force has put together a collection of key educational resources on ransomware including guides for enhanced defense, official guidance from the United States and other government across the country, and other valuable cyber hygiene tips.
IST’s Resources
Prepare, Don’t Pay: A Quick-Start to Defending Against Ransomware
Written for the small business owner, this quick-start guide breaks down important components of the Blueprint for Ransomware Defense and its underlying core technical concepts, critical Safeguards and defensive measures, and explains how you can make the Blueprint work for your small- or medium-sized enterprise.
August 2024 | Blog
Putting the Blueprint for Ransomware Defense to the Test
One year after the release of the Blueprint for Ransomware Defense, IST worked with cyber insurance company Resilience to test the framework’s effectiveness in protecting enterprises against ransomware attacks. In a review of 38 attacks, IST’s Zoë Brammer found that 68% could have been prevented by proper implementation of the Blueprint’s Safeguards.
August 2023 | Report
Webinar Series: Blueprint for Ransomware Defense
In Fall 2023, IST’s Ransomware Task Force, along with other members of the Blueprint for Ransomware Defense Working Group, hosted a series of webinars to guide users and implementation specialists through the Blueprint’s various Safeguards. The sessions added depth as to why each Safeguard was selected, best practices for planning and implementation, and discussion on available tools to help.
November – December 2022 | Webinar
Blueprint for Ransomware Defense
The Ransomware Task Force called for the cybersecurity community to “develop a clear, actionable framework for ransomware mitigation, response, and recovery.” The basis for this Blueprint for Ransomware Defense is the CIS Controls, a set of well-regarded and widely-used best practices that help enterprises focus their resources on the critical actions needed to defend against the most common cyber attacks. It includes a subset of these best practices, or “Safeguards,” that are most relevant to combating ransomware.
August 2022 | Report
Partner resources
Title | Description | Organization | Publication |
How to Recover from Password Exposure | A free guide that offers steps for recovering from such incidents where your password may have bene exposed. | Global Cyber Alliance (GCA) | June 2024 |
A Guide to Ransomware | A guide for UK users on what ransomware is, how it happens, whether to pay a ransom, how to monitor for ransomware, and more. | National Cyber Security Centre (NCSC) | Updated May 2024 |
NIST Cybersecurity Framework 2.0 | The NIST Cybersecurity Framework 2.0 provides guidance to industry, government agencies, and other organizations to manage cybersecurity risks. | National Institute of Standards and Technology (NIST) | February 2024 |
Ransomware – Cyber Threats | Guidance on preventative measures against ransomware, as well as other cyber threats. | Swiss National Cyber Security Centre | December 2023 |
Our Your Own Online | Step-by-step response guides, advisories, and threat updates to raise understanding of cyber security issues for individuals and businesses. | CERT NX | December 2023 |
Ransomware Portal | One-stop portal provides resources and aid to victims of #ransomware attacks, including a reporting mechanism, recovery support, and up-to-date info on ransomware trends. | Cyber Security Agency of Singapore | November 2023 |
#StopRansomware Guide | A one-stop resource to help organizations reduce the risk of ransomware incidents through best practices. | Cybersecurity and Infrastructure Agency (CISA) | Updated October 2023 |
How to Prevent and Respond to Ransomware | A guide on how to prevent and respond to ransomware. Available in French and English. | French Ministry of Justice | August 2023 |
How to Handle a Ransomware Attack | Spanish language recommendations for preventing attacks in order to promote an #InternetSeguroParaTodasYTodos. | Government of Mexico | February 2023 |
What is Ransomware? | Ransomware prevention and response guides designed for individuals, families and small and medium-sized businesses. | Australian Cyber Security Centre | Updated 2023 |
CIS Controls IG1 Policy Templates | Draft policy template to help businesses implement the CIS Critical Security Controls. | Center for Internet Security (CIS) | November 2022 |
Ransomware Playbook | Resources for Canadian users on defending against and recovering from ransomware, types of back-ups, incident response plans, key security controls, and more. | Canadian Centre for Cyber Security | November 2021 |
Cybersecurity Toolkit for Small Businesses | A free, effective, 6-step toolkit for use today to take immediate action to reduce your cyber risk. | Global Cyber Alliance (GCA) | Feburary 2019 |
Ransomware: How to React | Spanish language instructions on how to handle a ransomware attack. | Government of Argentina | |
Ransomware Help | A Spanish-language step-by-step guide for victims of ransomware, including instructions for who to contact, when, and how. | Spanish National Cybersecurity Institute |