Hot Topics

Home » Promo » Cybersecurity » How to Leverage NIST Cybersecurity Framework for Data Integrity

How to Leverage NIST Cybersecurity Framework for Data Integrity

by Maurice Uenuma on March 10, 2020

Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity. Data integrity is the property that records have not been altered in an unauthorized manner. Tripwire is very proud to have contributed and collaborated with other technology vendors in the development of these practice guides.

Challenges to Data Integrity

Destructive malware, ransomware, malicious insider activity, and even honest mistakes all set the stage for why organizations need to quickly detect and respond to an event that impacts data integrity. Businesses must be confident that these events are detected quickly and responded to appropriately.

Attacks against an organization’s data can impact business operations, revenue, and reputation. Examples of data integrity attacks include unauthorized insertion, deletion, or modification of data to corporate information such as emails, employee records, financial records, and customer data.

Some organizations have experienced systemic attacks that force operations to cease. While ransomware remains the most prominent attack method, other data integrity attacks may be more dynamic, targeting machines, spreading laterally across networks, and continuing to cause damage throughout an organization. These behaviors are usually targeted against multiple files at a time. After all, for most organizations there would be little impact if a single file is held hostage. Most attackers tend to choose high impact over subtle craftiness. This makes the events easily detectable if the correct monitoring tools are in place.

NIST Cybersecurity Framework

NIST published version 1.1 of the Cybersecurity Framework in April 2018 to provide guidance for protecting and developing resiliency for critical infrastructure and other sectors. The framework core contains five functions, outlined in a handy, easy-to-remember graphic:

Sponsorships Available

Identify – Develop an organizational understanding to manage cybersecurity risk (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Maurice Uenuma. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/how-leverage-nist-cybersecurity-framework-data-integrity/

March 10, 2020September 26, 2022 Maurice Uenuma IT Security and Data Protection, NCCoE, NIST

Maurice Uenuma

:**Maurice Uenuma is VP & GM, Americas and security strategist at Blancco, collaborating with an excellent team to deliver the world's leading data erasure, IT asset disposition, and mobile lifecycle solutions to address privacy, security, and sustainability needs. Prior to Blancco, Maurice was Vice President, Federal & Enterprise with Tripwire, supporting state governments and large enterprises in the United States. Prior to joining Tripwire, he was Vice President at the Center for Internet Security (CIS), and served as Workforce Management co-chair of the National Initiative for Cybersecurity Education (NICE) Working Group at NIST. Earlier, Maurice held leadership roles at Perot Systems and Dell, and served for nine years as an infantry and special operations officer in the United States Marine Corps. Maurice holds a Master’s degree in National Security Studies from Georgetown University, graduated from the U.S. Naval Academy, and is a GIAC-certified Global Industrial Cyber Security Professional (GICSP).

maurice-uenuma has 12 posts and counting.See all posts by maurice-uenuma