Destructive malware, ransomware, malicious insider activity, and even honest mistakes all set the stage for why organizations need to quickly recover from an event that alters or destroys data. Businesses must be confident that recovered data is accurate and safe.
This NIST Cybersecurity Practice Guide—Special Publication (SP) 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events—demonstrates how organizations can develop and implement appropriate actions following a detected cybersecurity event. The solutions outlined in this guide encourage monitoring and detecting data corruption in commodity components as well as custom applications and data composed of open-source and commercially available components.