The National Cybersecurity Center of Excellence (NCCoE), a part of the NIST, partnered with Tripwire on developing NIST SP 1800-11 “Data Integrity: Recovering from Ransomware and Other Destructive Events.”
LONDON, UK. — October 10, 2017 — Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced that it has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a cybersecurity project on data integrity.
The NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses’ most pressing cybersecurity challenges. The NCCoE has just released a draft practice guide, titled NIST SP 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events.
The guide explores methods that organizations can use to effectively recover from a data corruption event in various Information Technology (IT) enterprise environments. The guide also maps security characteristics to standards, guidance, and best practices from NIST and other standards organizations.
The draft is available for download on the NCCoE website. People are encouraged to share their thoughts on this step-by-step guide with NCCoE to help make it better.
“Collaborating with stakeholders such as members of industry, technology providers, and integrators to produce viable cybersecurity solutions is key to the NCCoE’s success. The Data Integrity practice guide is another successful example of how these stakeholders engage with NCCoE to produce solutions to real world problems that can be adopted to reduce the level of risk for owners and operators across various industries,” said Tim McBride, deputy director and project lead for NCCoE’s Data Integrity team.
Jim Wachhaus, director of technology alliances at Tripwire said, “The National Cybersecurity Center of Excellence (NCCoE) is where the rubber hits the road between standards and frameworks and actual real-world implementations. And because cybersecurity is an issue of national and personal importance we feel the best way to solve the problem is collaboration between private and public sectors. To that end, Tripwire is passionately engaged with NCCoE’s important mission to drive better cybersecurity and protect everything from critical cyber assets to consumer PII.”
This practice guide can help businesses recover from a detected cybersecurity event by showing how commercially available technologies, like Tripwire’s solutions*, can be integrated with existing tools and IT system infrastructure.
*While the example implementation uses certain products, including Tripwire, NIST and the NCCoE do not endorse these products. The guide presents the characteristics and capabilities of those products, which an organization’s security experts can use to identify similar standards-based products that will fit within their organization’s existing tools and infrastructure.
Tripwire is a leading provider of security, compliance and IT operations solutions for enterprises, industrial organizations, service providers and government agencies. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business context; together these solutions integrate and automate security and IT operations. Tripwire’s portfolio of enterprise-class solutions includes configuration and policy management, file integrity monitoring, vulnerability management, log management, and reporting and analytics.