Businesses face a near-constant threat of destructive malware, ransomware and malicious insider activities that can alter or destroy critical data. Even honest mistakes can alter data in ways that cause a significant loss to a company’s reputation, business operations and bottom line. To reduce this risk, organizations need to be able to recover quickly from a data integrity attack and trust the accuracy and precision of the recovered data.
The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) is seeking comments on a new project to help organizations prepare for, and recover from, attacks that might compromise their data.
The project is described in a draft whitepaper, Data Integrity: Reducing the Impact of an Attack, which describes the technical challenges of ensuring accurate and complete back-up data when recovering systems after an attack. It was developed with members of the business community, the Financial Services Information Sharing and Analysis Center (FS-ISAC) and cybersecurity solutions vendors.
“We are excited to be working with FS-ISAC and the broader consumer community to tackle this important, cross-sector cybersecurity challenge,” said Nate Lesser, NCCoE deputy director. “FS-ISAC has done important work to further the research and development of data integrity solutions for the financial services sector, and this collaboration is vital to this project’s development.”
The NCCoE Data Integrity project will explore methods to help businesses effectively recover operating systems, databases, user files, applications and software/system configurations. It also will explore issues of auditing and reporting to support recovery operations.
“Ensuring data integrity is about mitigating business risk and maintaining consumer confidence,” said John Carlson, FS-ISAC chief of staff. “The FS-ISAC will continue working with the NCCoE, as well as industry and federal agencies, to identify solutions for reducing the impact of data integrity attacks, such as destructive malware.”
The NCCoE began work on the Data Integrity project as a result of a previously published report, NIST IR 8050, which summarized feedback from a 2015 workshop hosted by NIST and Stanford University in conjunction with the White House Summit on Cybersecurity and Consumer Protection.
Feedback on the whitepaper from businesses and the public will inform the project and solution development. This project will ultimately result in a Cybersecurity Practice Guide in the NIST Special Publication 1800 series that will demonstrate an example solution and explain how to replicate it with the same, or similar commercially available technology. Organizations will be able to use the practice guide to improve their ability to recover from data corruption attacks such as ransomware.
The NCCoE addresses businesses’ most pressing cybersecurity problems with practical, standards-based solutions using commercially available technologies. The center collaborates with industry, academic and government experts to build modular, open, end-to-end reference designs that are broadly applicable and repeatable.