U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 1800-28 (Initial Public Draft)

Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

Date Published: December 13, 2023
Comments Due: January 15, 2024
Email Comments to: ds-nccoe@nist.gov

Author(s)

William Fisher (NIST), R. Craft (MITRE), Michael Ekstrom (MITRE), Julian Sexton (MITRE), John Sweetnam (MITRE)

Announcement

In our increasingly digital world, data has become one of the most valuable assets for individuals and organizations alike. At the same time, data breaches have become all too common, with consequences that can be devastating. With this growing reliance on data comes the pressing need for cybersecurity and privacy controls to achieve confidentiality.

In response, the NIST National Cybersecurity Center of Excellence (NCCoE) has worked closely with the industry and tech community to develop two draft NIST Special Publications (SP):

These guides provide recommendations on how to prevent and recover from data breaches, including cybersecurity and privacy considerations to prepare for data breaches and specific technical direction for implementation.

We Want to Hear from You!

The NCCoE is making volumes A-C available as drafts for public comment. Review the drafts and submit comments online by January 15, 2024.

We welcome your input and look forward to your comments. We invite you to connect with us at ds-nccoe@nist.gov or join our Community of Interest to receive news and updates about this project.  

Abstract

Keywords

asset management; cybersecurity framework; data breach; data confidentiality; data protection; identify; malicious actor; malware; protect; ransomware
Control Families

None selected

Documentation

Publication:
SP 1800-28 ipd (Complete Guide) (pdf)
SP 1800-28A ipd (pdf)
SP 1800-28B ipd (pdf)
SP 1800-28C ipd (pdf)

Supplemental Material:
Project homepage

Related NIST Publications:
SP 1800-29 (Draft)

Document History:
12/13/23: SP 1800-28 (Draft)

Topics

Security and Privacy

general security & privacy, privacy controls, security controls

Applications

cybersecurity framework

Laws and Regulations

E-Government Act