Cybersecurity threats are nothing new. There have been so many media reports about data breaches and how they affect our daily lives that it can be overwhelming. Can organizations stop these breaches before our financial, health, and other personal information is compromised? How? If a breach is occurring, how does an organization find out quickly? And if a breach has already happened, how can we respond?
These questions — and many others — are being tackled every day by the Data Security team at NIST’s National Cybersecurity Center of Excellence (NCCoE). This team produces guidance to help organizations maintain the confidentiality, integrity, and availability of their data in a manner consistent with the NCCoE Healthcare Team and other industry sector groups that focus on at-risk consumer and patient data.
In 2017, NIST published Special Publication 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events, a practical, hands-on guide that provides example solutions organizations can use to help recover from data breaches. The team received positive feedback and several requests: How can we identify and protect our assets against these breaches before they have a chance to happen? And can we detect, contain, and respond to data integrity events while they are happening? Knowing how to recover from these events is essential.
The Data Security team stepped up to the challenge and proposed two new projects and developed two project descriptions. Alongside technology collaborators, the team started working on the example solutions needed to develop two additional NIST practice guides: Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events and Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events.
Specifically, how will these practice guides help organizations? Reducing the likelihood of destructive events like a cyberattack is best accomplished by implementing a cyber defense strategy, and the examples in these guides provide the tools to do that. A cyber defense strategy allows organizations to develop inventory systems and identify vulnerabilities before an attack. But should an attack happen, these solutions help organizations analyze, mitigate, and contain those events. This can lessen the impact on worker productivity and reduce or avoid any financial or reputational damage.
These two data integrity practice guides will be publicly available in the coming months. But the Data Security team isn’t done. This time, the team is concentrating on two more projects that focus specifically on data confidentiality. The draft project descriptions for Data Confidentiality: Identifying and Protecting Assets and Data Against Data Breaches and Data Confidentiality: Detect, Respond to, and Recover from Data Breaches were released this past summer. The team has incorporated public comments and will release a Federal Register Notice soon. At that point, they can identify technology collaborators and begin to build the next set of example solutions.
Keep an eye on the NCCoE Data Security page to watch the progress of these (and future) projects. And if you’d like to participate by providing comments, offer suggestions for future topics, or help build projects, please email ds-nccoe [at] nist.gov to join our Community of Interest!