Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 1800-29 (Initial Public Draft)

Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

Date Published: December 13, 2023
Comments Due: January 24, 2024 (public comment period is CLOSED)
Email Questions to: ds-nccoe@nist.gov

Planning Note (01/18/2024):

The public comment period has been extended through January 24, 2024.


Author(s)

William Fisher (NIST), R. Craft (MITRE), Michael Ekstrom (MITRE), Julian Sexton (MITRE), John Sweetnam (MITRE)

Announcement

In our increasingly digital world, data has become one of the most valuable assets for individuals and organizations alike. At the same time, data breaches have become all too common, with consequences that can be devastating. With this growing reliance on data comes the pressing need for cybersecurity and privacy controls to achieve confidentiality.

In response, the NIST National Cybersecurity Center of Excellence (NCCoE) has worked closely with the industry and tech community to develop two draft NIST Special Publications (SP):

These guides provide recommendations on how to prevent and recover from data breaches, including cybersecurity and privacy considerations to prepare for data breaches and specific technical direction for implementation.

We Want to Hear from You!

The NCCoE is making volumes A-C available as drafts for public comment. Review the drafts and submit comments online by January 24 January 15, 2024.

We welcome your input and look forward to your comments. We invite you to connect with us at ds-nccoe@nist.gov or join our Community of Interest to receive news and updates about this project.  

Abstract

Keywords

asset management; cybersecurity framework; data breach; data confidentiality; data protection; detect; malicious actor; malware; ransomware; recover; respond
Control Families

None selected

Documentation

Publication:
SP 1800-29 ipd (Complete Guide) (pdf)
SP 1800-29A ipd (pdf)
SP 1800-29B ipd (pdf)
SP 1800-29C ipd (pdf)

Supplemental Material:
Project homepage

Related NIST Publications:
SP 1800-28 (Draft)

Document History:
12/13/23: SP 1800-29 (Draft)
02/23/24: SP 1800-29 (Final)