U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST CSWP 17 (Initial Public Draft)

Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides

Date Published: October 1, 2020
Comments Due: November 13, 2020 (public comment period is CLOSED)
Email Questions to: ds-nccoe@nist.gov

Author(s)

Jennifer Cawthra (NIST), Michael Ekstrom (MITRE), Lauren Lusty (MITRE), Julian Sexton (MITRE), John Sweetnam (MITRE), Anne Townsend (MITRE)

Announcement

The National Cybersecurity Center of Excellence (NCCoE) at NIST is actively engaged in helping organizations address the challenge of ransomware and other data integrity events through the Data Integrity projects. These projects help organizations implement technical capabilities that address data integrity issues. The objective of this document is to provide an overview of these Data Integrity projects, provide a high-level explanation of the architecture and capabilities, and explain how these projects can be brought together into one comprehensive data integrity solution.

We encourage you to submit comments either by email or by using the online comment submission form.

Abstract

Keywords

data integrity; data security; malware; ransomware; security architecture
Control Families

System and Information Integrity

Documentation

Publication:
https://doi.org/10.6028/NIST.CSWP.17.ipd
Download URL

Supplemental Material:
Local Download (pdf)
Project homepage

Related NIST Publications:
SP 1800-11
SP 1800-25 (Draft)
SP 1800-26 (Draft)

Document History:
10/01/20: CSWP 17 (Draft)

Topics

Security and Privacy

general security & privacy, threats

Applications

cybersecurity framework