Date Published: December 13, 2023
Comments Due:
Email Questions to:
Planning Note (01/18/2024):
The public comment period has been extended through January 24, 2024.
Author(s)
William Fisher (NIST), R. Craft (MITRE), Michael Ekstrom (MITRE), Julian Sexton (MITRE), John Sweetnam (MITRE)
Announcement
In our increasingly digital world, data has become one of the most valuable assets for individuals and organizations alike. At the same time, data breaches have become all too common, with consequences that can be devastating. With this growing reliance on data comes the pressing need for cybersecurity and privacy controls to achieve confidentiality.
In response, the NIST National Cybersecurity Center of Excellence (NCCoE) has worked closely with the industry and tech community to develop two draft NIST Special Publications (SP):
These guides provide recommendations on how to prevent and recover from data breaches, including cybersecurity and privacy considerations to prepare for data breaches and specific technical direction for implementation.
We Want to Hear from You!
The NCCoE is making volumes A-C available as drafts for public comment. Review the drafts and submit comments online by January 24 January 15, 2024.
We welcome your input and look forward to your comments. We invite you to connect with us at ds-nccoe@nist.gov or join our Community of Interest to receive news and updates about this project.
Attacks that target data are of concern to companies and organizations across many industries. Data breaches represent a threat that can have monetary, reputational, and legal impacts. This guide seeks to provide guidance concerning the threat of data breaches, exemplifying standards and technologies that are useful for a variety of organizations defending against this threat. Specifically, this guide seeks to help organizations identify and protect assets, including data, against a data confidentiality attack.
Attacks that target data are of concern to companies and organizations across many industries. Data breaches represent a threat that can have monetary, reputational, and legal impacts. This guide seeks to provide guidance concerning the threat of data breaches, exemplifying standards and...
See full abstract
Attacks that target data are of concern to companies and organizations across many industries. Data breaches represent a threat that can have monetary, reputational, and legal impacts. This guide seeks to provide guidance concerning the threat of data breaches, exemplifying standards and technologies that are useful for a variety of organizations defending against this threat. Specifically, this guide seeks to help organizations identify and protect assets, including data, against a data confidentiality attack.
Hide full abstract
Keywords
asset management; cybersecurity framework; data breach; data confidentiality; data protection; identify; malicious actor; malware; protect; ransomware
Control Families
None selected
