2020 NIST ransomware recovery guide: What you need to know


Over the past decade, a destructive piece of malware has grown from a novel concept into a digital epidemic. Now ransomware is causing a serious impact on organizations’ assets. This malware type is growing in popularity amongst attackers as a way to quickly extort money from its victims, which may include individuals, organizations and even governments.

In order to respond to this threat, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) introduced a project to help organizations to detect and respond effectively to data integrity attacks across multiple industries. This project includes a wide range of design rules and technologies to develop a best fit solution that can help the market fight this emergent threat.

According to the NCCoE, “ransomware, destructive malware, insider threats, and even honest mistakes present an ongoing threat to an organization’s infrastructure. Database records and structure, system files, configurations, user files, application code, and customer data are all at risk should an attack occur.”

Nowadays it is crucial to implement detection and response mechanisms that can prevent many types of data integrity attacks. Some of these risks can be reduced by using a group of capabilities, such as integrity monitoring, event detection, vulnerability management, reporting capabilities and mitigation and containment.

Risks and impact of a data integrity attack

The risk associated with destructive malware, ransomware or even any human mistakes related to valuable data is the reason why organizations need to quickly detect and respond to a data integrity event. There is not a single magic formula, but the basic advice is quite simple: detect fast and respond appropriately to each challenge.

DevOps Unbound Podcast

A data integrity attack may target the following:

  • Stored and sensitive information (PII)
  • Emails
  • Customers data/information
  • Employee records
  • Financial records
  • Backups
  • Reputation

For example, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Pedro Tavares. Read the original post at:

Integrated Security Data PulseMeter

Step 1 of 7

What percentage of your organization’s security data is integrated into a SIEM or data repository you manage? (Select one)(Required)