Tech

NIST project shows how to recover data after cyberattack

Outlined in a white paper released Tuesday, the NIST office partnered with the Financial Services Information Sharing and Analysis Center (FS-ISAC) to create examples of how companies can prepare for and mitigate damage from various kinds of cyber attacks.

By Greg Otto

November 24, 2015

A new project from the National Cybersecurity Center of Excellence aims to help businesses protect their data after they’ve suffered an attack.

Outlined in a white paper released Tuesday, the NIST office partnered with the Financial Services Information Sharing and Analysis Center, known as FS-ISAC, to create case studies for how companies can prepare for and mitigate damage from various kinds of cyberattacks. The project will go on to explore methods for recovering operating systems, databases, user files, applications and system configurations.

“Ensuring data integrity is about mitigating business risk and maintaining consumer confidence,” John Carlson, FS-ISAC chief of staff, said in a release. “The FS-ISAC will continue working with the NCCoE, as well as industry and federal agencies, to identify solutions for reducing the impact of data integrity attacks, such as destructive malware.”

In the document, businesses are given examples of how to deal with ransomware attacks, data manipulation from insider threats, and malware that encrypts data, writes over original unencrypted content and then deletes the encryption keys.

The white paper, which is currently a draft, is part of a project developed out of a June NIST technical workshop and the White House’s Summit on Cybersecurity on Consumer Protection in February.

Feedback on the project will be used to craft a NIST cybersecurity practice guide, which will direct organizations on how to implement a cybersecurity reference design that allows for better data recovery.

Comments on the white paper can be submitted to NIST until Jan. 18, 2016.

Read the white paper below.

NIST project shows how to recover data after cyberattack

More Like This

ICE pursuing privacy approvals related to controversial phone location data

House Modernization panel advances bill to improve CRS’s data access in first-ever markup

Commerce adds five members to AI Safety Institute leadership

Top Stories

State Department encouraging workers to use ChatGPT

Federal CIO calls on Congress to fund Technology Modernization Fund

GSA administrator: Generative AI tools will be ‘a giant help’ for government services

Congressional panel outlines five guardrails for AI use in House

With 2023 tax season in the rearview, IRS commissioner eyes expansion of AI capabilities

CMS’s financial office is using LLM pilot to combat loss of institutional knowledge

Top public sector takeaways from Google Cloud Next 2024

Commerce requests information about AI, open data assets, data dissemination

More Scoops

NSF, NIST appropriations cuts met with disappointment as Biden seeks increases

From research to talent: Five AI takeaways from Biden’s budget

Senate bill calls on NIST to boost work on emerging tech standards

Updated NIST cybersecurity framework adds core function, focuses on supply chain risk management

Bipartisan Senate proposal calls for AI workforce framework from NIST

New legislation would give NIST drone cybersecurity responsibilities

Raimondo announces picks for U.S. AI Safety Institute’s director, CTO

Latest Podcasts

NIST project shows how to recover data after cyberattack

AI Week 2024 has Come and Gone

Darryl Peek on Elastic’s role in enhancing public sector search and data analytics with AI and Google collaboration

Danny Werfel on How Automation has Enhanced his Agency’s Operations.

Tech

Defense

Cyber

Acquisition