Sources & further reading

A short list of credible, current resources used to maintain this playbook.

• CISA #StopRansomware — U.S. CISA hub of ransomware guidance, including the Joint CISA/MS-ISAC Ransomware Guide.
• NIST SP 800-61r3 (Incident Response, 2025) — Latest NIST guidance on incident response aligned with the Cybersecurity Framework 2.0.
• NIST IR 8374 — Ransomware Risk Management Profile — A CSF 2.0 community profile specifically for ransomware preparation, response, and recovery.
• EDUCAUSE Cybersecurity Resources — Higher-ed-specific cybersecurity guidance, articles, and benchmarks.
• EDUCAUSE Review: Higher-Ed Data Resilience (2025) — Discussion of immutable storage and backup strategies in higher education.
• Higher Ed Dive: Ransomware in Education, H1 2025 — Reporting on the scale and trends of ransomware affecting colleges and schools.
• GovTech: Education Ransomware Roundup 2025 — Summary of attack volume and the role of third-party software exploits in higher-ed exposures.
• FBI Internet Crime Complaint Center (IC3) — Where U.S. institutions can report cyber incidents to the FBI.

This list is reviewed quarterly. Suggest additions on GitHub Issues.