Detecting and Responding to Ransomware

Detecting-and-Responding-to-Ransomware

The CIA triad represents the three pillars of information security: confidentiality, integrity, and availability, as follows.

  • Confidentiality – preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information
  • Integrity – guarding against improper information modification or destruction and ensuring information non-repudiation and authenticity
  • Availability – ensuring timely and reliable access to and use of information

This series of practice guides focuses on data integrity: the property that data has not been altered in an unauthorized manner. Data integrity covers data in storage, during processing, and while in transit. (Note: These definitions are from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-12 Rev 1, An Introduction to Information Security.)

  • Destructive malware, ransomware, malicious insider activity, and even honest mistakes all set the stage for why organizations need to detect and respond to an event that impacts data integrity. Businesses must be confident that these events are detected in a timely fashion and responded to appropriately.
  • Attacks against an organization’s data can compromise emails, employee records, financial records, and customer information—impacting business operations, revenue, and reputation.
  • Examples of data integrity attacks include unauthorized insertion, deletion, or modification of data to corporate information such as emails, employee records, financialrecords, and customer data.
  • The National Cybersecurity Center of Excellence (NCCoE) at NIST built a laboratory environment to explore methods to effectively detect and respond to a data integrity event in various information technology (IT) enterprise environments, to immediately react to the event in an effort to prevent a complete compromise.
  • This NIST Cybersecurity Practice Guide demonstrates how organizations can develop and implement appropriate actions during a detected data integrity cybersecurity event.
Download
Facebook
Twitter
LinkedIn
Pinterest
Constanza Rodriguez

Constanza Rodriguez

All Posts »

Leave a Reply

Your email address will not be published. Required fields are marked *

Top Recommended Posts

SANS Faculty Cybersecurity Free Tools – SANS Instructors have built more than 150 open source tools that support your work and help you implement better security.
SANS Faculty Cybersecurity Free Tools – SANS Instructors have built more than 150 open source...
Data Center Security Checklist
Data Center Security Checklist
Blockchain Security – A Framework for Trust and Adoption by Dutch Blockchain Coalition
Blockchain Security – A Framework for Trust and Adoption by Dutch Blockchain Coalition
Making a Business Case for Security – An Interagency Security Committee Best Practice by CISA 2023 Edition
Making a Business Case for Security – An Interagency Security Committee Best Practice by CISA...
Microsoft Azure Resiliency – Business Continuity and Disaster Recovery
Microsoft Azure Resiliency – Business Continuity and Disaster Recovery
Personal Cyber Security First Steps by Australian Government – ACSC
Personal Cyber Security First Steps by Australian Government – ACSC
CYBER ESSENTIALS STARTER KIT – The Basics for Building a Culture of Cyber Readiness – By CISA Cybersecurity and Infrastructure Security Agency
CYBER ESSENTIALS STARTER KIT – The Basics for Building a Culture of Cyber Readiness –...
10 Ways CHATGPT and Generative AI can strenghthen ZERO TRUST by InstaSafe
10 Ways CHATGPT and Generative AI can strenghthen ZERO TRUST by InstaSafe
New to Cyber Field Manaul – The Ultimate Guide to Getting Into Cybersecurity by SANS GIAC
New to Cyber Field Manaul – The Ultimate Guide to Getting Into Cybersecurity by SANS...
Artificial Intelligence Risk Management Framework – AI RMF 1.0 By NIST
Artificial Intelligence Risk Management Framework – AI RMF 1.0 By NIST