This document is intended for cybersecurity professionals, risk management officers, or other organization-wide decision makers considering the implementation of security controls to manage the risks associated with ransomware and other destructive events using the NIST cybersecurity framework in their organization.