NIST's National Cybersecurity Center of Excellence (NCCoE)—in collaboration with members of the business community and vendors of cybersecurity solutions—has built example solutions to address the data integrity challenges posed by ransomware and other destructive events. These are described in NIST Special Publication (SP) 1800-25, Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events, and SP 1800-26, Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events.
Ransomware, destructive malware, insider threats, and even honest user mistakes present ongoing threats to organizations. All types of data are potential targets of data corruption, modification, and destruction.
Formulating a defense against these threats requires thorough knowledge of the assets within the enterprise and protection of these assets against data corruption and destruction. Furthermore, quick, accurate, and thorough detection and response to a loss of data integrity can save an organization time, money, and headaches.
These two new publications complement SP 1800-11, which addresses recovering from ransomware and other destructive events. For more details and links to related efforts, see the Data Security program page.