Data Security

Data security is the process of maintaining the confidentiality, integrity, and availability of an organization’s data in a manner consistent with the organization’s risk strategy. Preventing unauthorized access, data corruption, and denial of service attacks are all important tenets of data security and an essential aspect of IT for organizations of every size and type. Consistent, reliable, and secure access to database records, system files, user files, and customer data is necessary to prevent data from becoming vulnerable to attack. Before an incident begins, companies must have a security architecture and response plan in place. Once an incident occurs, they must be able to detect the event and respond accordingly. After the incident, the company must be able to effectively and efficiently recover.

In accordance with this methodology, the Data Security program at the NCCoE has produced guidance for both data integrity and data confidentiality. Each will consist of a series of publications that work together to identify, protect, detect, respond to and recover from critical events.

If you have questions or would like to join our Community of Interest, please email the project team at ds-nccoe@nist.gov.

Data Integrity: Cybersecurity White Paper

Providing an overview of the three Data Integrity projects and how they align with the NIST Cybersecurity Framework. Download the paper here. 

Data Integrity: Identifying and Protecting

Exploring methods to effectively identify and protect assets against data integrity attacks. Learn more about this project and download the NIST Cybersecurity Practice Guide 1800-25.

Data Integrity: Detecting and Responding

Detailing methods and potential tool sets that can detect, mitigate, and contain data integrity events. Learn more about this project and download the NIST Cybersecurity Practice Guide 1800-26.

Data Integrity: Recovering

Effectively recover from a data corruption event in various Information Technology (IT) enterprise environments. Learn more about this project and download the NIST Cybersecurity Practice Guide 1800-11.

Data Confidentiality: Identifying and Protecting

Exploring methods to effectively identify and protect assets against data confidentiality attacks. Learn more about this project.

Data Confidentiality: Detect, Respond, and Recover

Identifying methods to efficiently detect, respond, and recover from data confidentiality attacks. Learn more about this project.

Related News & Events

National Cybersecurity Center of Excellence Issues Guidance on ‘Securing Data Integrity Against Ransomware Attacks’
December 10, 2020
Cybersecurity Practice Guides for Securing Data Integrity Against Ransomware Attacks
December 09, 2020
NIST Cybersecurity Practice Guides for Securing Data Integrity Against Ransomware Attacks
December 08, 2020
NCCoE Issues Paper to Address Ransomware, Other Data Integrity Events
October 02, 2020
NIST Guide to Help Orgs Recover from Ransomware, Other Data Integrity Attacks
September 24, 2020
View More