Date Published: November 2017
Comments Due: December 12, 2017 (public comment period is CLOSED)
Email Questions to: di-nccoe@nist.gov
, , , ,
This project from the National Cybersecurity Center of Excellence (NCCoE) will detail methods and potential tool sets that can detect, mitigate, and contain data integrity events in the components of an enterprise network. It will also identify tools and strategies to aid in a security team’s response to such an event. The project will result in a freely available NIST Cybersecurity Practice Guide, documenting an example solution that demonstrates how to perform the following actions:
Contingency Planning; Incident Response; System and Information Integrity; Audit and Accountability; Access Control; Configuration Management; Assessment, Authorization and Monitoring; Risk Assessment; Program Management; Physical and Environmental Protection; Media Protection; Maintenance; Identification and Authentication; System and Communications Protection; System and Services Acquisition
Publication:
Project Description
Supplemental Material:
Submit Comments (other)
Project homepage (other)
Related NIST Publications:
Document History:
11/28/17: White Paper (Draft)
02/07/18: White Paper (Final)
Security and Privacy
access control; audit & accountability; contingency planning; incident response; maintenance; media protection; physical & environmental protection; planning; program management; risk assessment; system authorization; threats; vulnerability management
Laws and Regulations
Cybersecurity Strategy and Implementation Plan; Federal Information Security Modernization Act