News and Events

June 14, 2018

The National Institute of Standards and Technology (NIST) Computer Security Resource Center (CSRC) has a wealth of resources targeting specific cybersecurity challenges in the public and private sectors. These practical, user-friendly guides can help your practice facilitate the adoption of standards-based approaches to cybersecurity.

May 22, 2018

NCCoE Deputy Director Tim Mcbride will present "Recover Quickly & Safely from Ransomware" at the Enfuse 2018 Conference at 8am on May 22. This session will discuss how industry experts and technology collaborators worked with the NCCoE to develop practical cybersecurity guidance on recovering from destructive malware and ransomware. This session will highlight the recently released NIST Special Publication 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events.

April 16, 2018

The NCCoE will present and provide project demonstrations at the RSA Conference 2018 in San Francisco. Click for additional information on topics, times, and locations.

October 11, 2017

Tripwire has helped the National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence to draft a cybersecurity practice guidance on data integrity. The draft guide, titled “NIST SP 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events,” suggests methods for businesses...

October 10, 2017

Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced that it has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a ...

October 10, 2017

How can organizations know that the data they recover is accurate and safe? To help companies answer that question, the National Cybersecurity Center of Excellence (NCCoE) has released the NIST Cybersecurity Practice Guide SP 1800-11Data Integrity: Recovering from Ransomware and Other Destructive Events. The resource provides guidance on how organizations can develop strategies to recover operating systems, user files, applications, and other IT assets from data corruption events such as ransomware. NCCoE’s newest SP also discusses issues of auditing, reporting, and investigations following companies’ discovery of such destructive security incidents.

October 03, 2017

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Science and Technology (NIST) worked with myriad information security companies to provide companies with a ransomware recovery guide. Comprised of three volumes that can be used by pros from executive leaders to IT professionals, the guide is all about helping organizations hit by ransomware not only recover their data, but also manage overall cybersecurity risks to their infrastructures.

October 01, 2017

NCCoE Senior Engineer Harry Perper will present "Ransomware Recovery and Privileged Account Management Improve Resilience" on October 4 from 1:45pm to 2:30pm at the FS-ISAC Fall Summit in Baltimore, Md. Malware and insider threat actors often make use of privileged accounts to enable their activities. Recovery from ransomware is complicated by the lack of consistent and protected file and system back-ups. And access rights policies are difficult to enforce using manual processes. This session will explore  the NCCoE's research and projects related to Data Integrity (ransomware recovery), Access Rights Management, and Privileged Account Management.

September 08, 2017

Draft guidelines for ransomware recovery have been issued by the National Cybersecurity Center of Excellence (NCCoE) and the National Institute of Standards and Technology (NIST). The guidelines – NIST Special Publication 1800-11 – apply to all forms of data integrity attacks. SP 1800-11 is a detailed, standards-based guide that can be used by organizations of all sizes to develop recovery strategies to deal with data integrity attacks and establish best practices to minimize the damage caused and ensure a speedy recovery.

September 08, 2017

The US National Institute of Standards and Technology's (NIST's) National Cybersecurity Center of Excellence (NCCOE) has published a draft guidance document titled Data Integrity: Recovering from Ransomware and Other Destructive Events. The guide "demonstrates how organizations can develop and implement appropriate actions following a detected cybersecurity event."

September 07, 2017

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) along with vendors and businesses within the cybersecurity community teamed up to develop a recovery guide for firms hit with ransomware attacks. Researchers said the goal of the guide is to help organizations recover data from cybersecurity events, facilitate smooth recovery in the event of a compromise, and manage enterprise risks, according to the Data Integrity Recovering from Ransomware and Other Destructive Events report.

September 06, 2017

To help companies and organizations prepare and recover from cyberattacks, the U.S. government has issued a guidance in collaboration with members of the business community and vendors in the cybersecurity industry. The National Cybersecurity Center of Excellence at the National Institute of Standards and Technology released “Data Integrity: Recovering from Ransomware and Other Destructive Events.” 

February 09, 2017

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute for Standards and Technology (NIST), will demonstrate its current projects in San Francisco Feb. 13-17 at the RSA Conference and Orlando Feb 19-23 at the Healthcare Information and Management Systems Society Annual Conference & Exhibition (HIMSS17).

Individuals and organizations interested in learning more about the NCCoE’s work and how they can participate are encouraged to visit the booth and attend the presentations and demonstrations listed below.

RSA Conference: February 13-17, 2017

October 19, 2016

The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government, and private industry organizations. NCCoE Senior Security Engineer Don Tobin will lead a Cyber Threat Intelligence Forum on "Restoring Data Integrity After a Destructive Malware or Ransomware Attack" on Thursday, October 20 at 9 a.m. This presentation will cover the work being done at the NCCoE on methods to effectively recover and restore systems to normal operations after a data corruption attack. The conference will take place at the Baltimore Hilton Hotel.

July 21, 2016

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence on Thursday established a new “community of interest” for data integrity, part of a Data Integrity Project aimed at assuring data is not altered or destroyed by malware, ransomware, insider activity, and other risks.

July 17, 2016

Criminal enterprises involved in distributing ransomware are making a large profit, with some studies showing profits in the hundreds of millions worldwide. In the Bitdefender study, more than 50 percent of the United States targets paid the ransom, while 40 percent said they would pay if they were hit. However, an effective data recovery strategy and business continuity plan would eliminate the need to pay the ransoms. Developing a process to detect and recover from a data integrity attack is too significant and costly a challenge for a single company to address in isolation. Therefore, the NCCoE has begun collaborating with technology partners and business leaders to develop a comprehensive, cross-industry solution.

June 01, 2016

The National Data Integrity Conference is a gathering of people sharing new challenges and solutions regarding research data and integrity. NCCoE Senior Security Engineer Donald Tobin will discuss "Recovering Data Integrity After a Destructive Malware Attack" in a lightning talk on June 3 from 1:15-3:00pm. The conference will be held at the University of Colorado in Denver. 

June 01, 2016

The National Institute of Standards and Technology is requesting proposals for cybersecurity-related products and technical expertise that would help organizations recover from incidents that alter or destroy data.

The effort is being pursued through NIST's National Cybersecurity Center of Excellence and seeks to develop an “example solution” under the Data Integrity Building Block.

May 31, 2016

The National Institute of Standards and Technology is looking for products and expertise to help organizations reliably recover corrupted or destroyed data.

The search is being conducted by NIST’s Data Integrity project, which is part of the National Cybersecurity Center of Excellence. The project is working to develop ways organizations can prevent or recover from data loss or alteration resulting from malware or human error.

January 21, 2016

The National Institute of Standards and Technology today will close a public comment period on a white paper about data integrity and methods to recover IT systems from cyber attacks and audit data to ensure integrity.

The NIST Cybersecurity White Paper “Data Integrity: Reducing the Impact of an Attack” was developed by NIST’s National Cybersecurity Center of Excellence.