The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) today issued a new draft paper to help organizations address ransomware and other data integrity events.
“The objective of this document is to provide an overview of these Data Integrity projects; provide a high-level explanation of the architecture and capabilities; and explain how these projects can be brought together into one comprehensive data integrity solution,” the draft paper says.
NCCoE is seeking comment on the paper – The Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides – through November 13. It is meant to provide an overview of Data Integrity projects that help organizations implement technical capabilities to address data integrity issues.
“[NCCoE at [NIST] is actively engaged in helping organizations address the challenge of ransomware and other data integrity events through the Data Integrity projects,” the draft paper says. It also adds that “ransomware is one of the many use-case examples in these projects.”
Among other efforts by the NCCoE to help organizations with Data Integrity, the draft paper provides an overview of three data integrity projects that align with the functions of the NIST Cybersecurity Framework. The projects include Special Publication (SP) 1800-25 Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events; SP 1800-26 Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events; and SP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Events.