« Atlantic Council : Emerging Technologies and the Future of US-Japan Defense Collaboration | Main | 米国NSAが「多要素認証サービスの選択と安全な使用」に関する連邦政府向けのガイダンスを公表していますね。。。 »

2020.09.23

NIST SP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Events  ランサムウェア等の破壊的なイベントからの復旧

こんにちは、丸山満彦です。

NISTがSP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Eventsを公表していますね。ランサムウェア等の破壊的なイベントからの復旧をテーマにした実践ガイドです。ほとんどMITREの人が書いているんですかね。。。

パブコメドラフトが2017.09.06ですから3年越しですね。。。

NIST - ITL

・2020.09.22 (Publication) SP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Events

・[PDF] SP 1800-11

  • [PDF] SP 1800-11a: Executive Summary
  • [PDF] SP 1800-11b: Approach, Architecture, and Security Characteristics
  • [PDF] SP 1800-11c: How-To Guides

データ破損イベントの後に即座に対策を講じるために、組織がどのように技術を実装できるかを提示する。

データ破損の効果的な監視と検出を奨励する。

 


Abstract

Businesses face a near-constant threat of destructive malware, ransomware, malicious insider activities, and even honest mistakes that can alter or destroy critical data. These data corruption events could cause a significant loss to a company’s reputation, business operations, and bottom line.

These types of adverse events, that ultimately impact data integrity, can compromise critical corporate information including emails, employee records, financial records, and customer data. It is imperative for organizations to recover quickly from a data integrity attack and trust the accuracy and precision of the recovered data.

The National Cybersecurity Center of Excellence (NCCoE) at NIST built a laboratory environment to explore methods to effectively recover from a data corruption event in various Information Technology (IT) enterprise environments. NCCoE also implemented auditing and reporting IT system use to support incident recovery and investigations.

This NIST Cybersecurity Practice Guide demonstrates how organizations can implement technologies to take immediate action following a data corruption event. The example solution outlined in this guide encourages effective monitoring and detection of data corruption in standard, enterprise components as well as custom applications and data composed of open-source and commercially available components.

|

« Atlantic Council : Emerging Technologies and the Future of US-Japan Defense Collaboration | Main | 米国NSAが「多要素認証サービスの選択と安全な使用」に関する連邦政府向けのガイダンスを公表していますね。。。 »

Comments

Post a comment



(Not displayed with comment.)




« Atlantic Council : Emerging Technologies and the Future of US-Japan Defense Collaboration | Main | 米国NSAが「多要素認証サービスの選択と安全な使用」に関する連邦政府向けのガイダンスを公表していますね。。。 »