This guide updates the Joint Cybersecurity and Infrastructure Security Agency (CISA) and Multi-State Information Sharing & Analysis Center (MS-ISAC) Ransomware Guide released in September 2020, developed through the JRTF.

These ransomware and data extortion prevention and response best practices and recommendations are based on operational insight from CISA, MS-ISAC, the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI), hereafter referred to as the authoring organizations.

This guide includes two primary resources:

  • Part 1: Ransomware and Data Extortion Prevention Best Practices
  • Part 2: Ransomware and Data Extortion Response Checklist