Security News > 2020 > September > NIST guide to help orgs recover from ransomware, other data integrity attacks

The National Institute of Standards and Technology has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., destructive malware and ransomware attacks, malicious insider activity or simply mistakes by employees that have resulted in the modification or destruction of company data.

Special Publication 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events can help organizations to develop a strategy for recovering from an attack affecting data integrity, recover from such an event while maintaining operations, and manage enterprise risk.

The goal is to monitor and detect data corruption in widely used as well as custom applications, and to identify what data way altered/corrupted, when, by whom, the impact of the action, whether other events happened at the same time.

Finally, organizations are advised on how to restore data to its last known good configuration and to identify the correct backup version.

"Multiple systems need to work together to prevent, detect, notify, and recover from events that corrupt data. This project explores methods to effectively recover operating systems, databases, user files, applications, and software/system configurations. It also explores issues of auditing and reporting to support recovery and investigations," the authors added.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/SWAJlYO4LsI/