Email this Article Email   

CHIPS Articles: NIST’s National Cybersecurity Center of Excellence releases two draft practice guides to protect data integrity

NIST’s National Cybersecurity Center of Excellence releases two draft practice guides to protect data integrity
By CHIPS Magazine - January 29, 2020
Network administrators and information security officers have an opportunity to assess new tools and guides to stem the steady flow of ransomware, malware, insider threats, and even honest user mistakes, which challenge businesses and government organizations alike. All types of data, such as database records, system files, configurations, user files, applications, and customer data, are potential targets of data corruption, modification and destruction, the National Institute of Standards and Technology reported.

Formulating a defense against these threats requires thorough knowledge of the assets within the enterprise and protection of these assets against data corruption and destruction.

Organizations that do not implement identification and protection solutions risk many types of data integrity attacks. These risks could be reduced using capabilities such as: secure storage; backup capabilities for databases; VMs, and file systems; log collection; asset inventory; and file integrity checking mechanisms.

Quick, accurate, and thorough detection and response to a loss of data integrity can save an organization time, money and worries. While human knowledge and expertise are essential components of a defense, the right tools and preparation are essential to minimizing downtime and losses due to data integrity incidents.

The NCCoE, in collaboration with the business community and cybersecurity solutions vendors, built example solutions to address these data integrity challenges in the draft pubs:

The public comment period for these two practice guides is open until Feb. 26, 2020. Please submit your comments by email to ds-nccoe@nist.gov or through the SP 1800-25 online comment form or the SP 1800-26 online comment form.

Interested in joining the Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events Community of Interest? Send an email to ds-nccoe@nist.gov.

More information can be found on the NCCoE website – https://www.nccoe.nist.gov/.

Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer