The three-volume guidelines covers all forms of data integrity attacks and includes an executive summary, and addresses approach, architecture, and security characteristics along with "how-to-guides."
The guidelines are intended to be used by organizations of all sizes to help develop strategies to minimize damage and speed recovery from data breaches.
The document is a collaboration of the two organizations along with corporate participants including GreenTec, HP, IBM, Tripwire, MITRE Corp. and Veeam. The goal is to help organizations prepare for the worst-case scenarios and develop effective plans for recovery from a cybersecurity breach.
The NCCoE at NIST built a laboratory environment to explore methods to effectively recover from a data corruption event in various Information Technology (IT) enterprise environments. NCCoE also implemented auditing and reporting IT system use to support incident recovery and investigations.
The goals of this NIST Cybersecurity Practice Guide are to help organizations confidently:
Source: HIPAA Journal
The goals of this NIST Cybersecurity Practice Guide are to help organizations confidently:
- Restore data to its last known good configuration
- Identify the correct backup version (free of malicious code and data for data restoration)
- Identify altered data as well as the date and time of alteration
- Determine the identity/identities of those who alter data
- Identify other events that coincide with data alteration
- Determine any impact of the data alterations
Source: HIPAA Journal
No comments:
Post a Comment