We recommend the DHS Chief Information Officer (CIO) update policies and procedures to implement National Institute of Standards and Technology standards to facilitate recovery from an adverse event and maintain operations during malware, ransomware, and phishing attacks.