NCCoE Releases New Data Integrity Practice Guides

The National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) released two draft practice guides today:

  1. SP 1800-25: Identifying and Protecting Assets Against Ransomware and Other Destructive Events
  2. SP 1800-26: Detecting and Responding to Ransomware and Other Destructive Events

Ransomware, malware, insider threats, and even honest user mistakes present ongoing threats to organizations. All types of data, such as database records, system files, configurations, user files, applications, and customer data, are potential targets of data corruption, modification, and destruction.

Formulating a defense against these threats requires thorough knowledge of the assets within the enterprise and protection of these assets against data corruption and destruction.

Furthermore, quick, accurate, and thorough detection and response to a loss of data integrity can save an organization time, money, and headaches. While human knowledge and expertise are essential components of a defense, the right tools and preparation are essential to minimizing downtime and losses due to data integrity events.

As detailed in these two practice guides, the NCCoE, in collaboration with members of the business community and vendors of cybersecurity solutions, has built example solutions to address these data integrity challenges.

Submit your comments today!

The public comment period for these two practice guides is open from today until February 26, 2020. Please submit your comments by email to or through the SP 1800-25 online comment form or the SP 1800-26 online comment form.

If you are interested in joining our Community of Interest, email us at