U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

White Paper (Draft)

Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides

Date Published: October 1, 2020
Comments Due: November 13, 2020 (public comment period is CLOSED)
Email Questions to: ds-nccoe@nist.gov

Author(s)

Jennifer Cawthra (NIST), Michael Ekstrom (MITRE), Lauren Lusty (MITRE), Julian Sexton (MITRE), John Sweetnam (MITRE), Anne Townsend (MITRE)

Announcement

The National Cybersecurity Center of Excellence (NCCoE) at NIST is actively engaged in helping organizations address the challenge of ransomware and other data integrity events through the Data Integrity projects. These projects help organizations implement technical capabilities that address data integrity issues. The objective of this document is to provide an overview of these Data Integrity projects, provide a high-level explanation of the architecture and capabilities, and explain how these projects can be brought together into one comprehensive data integrity solution.

We encourage you to submit comments either by email or by using the online comment submission form.

Abstract

Keywords

data integrity; data security; malware; ransomware; security architecture
Control Families

System and Information Integrity

Documentation

Publication:
White Paper (DOI)

Supplemental Material:
Local Download (pdf)
Submit comments (web)
Project homepage (web)

Related NIST Publications:
SP 1800-11
SP 1800-25 (Draft)
SP 1800-26 (Draft)

Document History:
10/01/20: White Paper (Draft)

Topics

Security and Privacy
general security & privacy; threats

Applications
cybersecurity framework