NIST Draft Special Publication 1800-11: “Data Integrity”

We are excited to announce the release of our newest practice guide, Data Integrity: Recovering from Ransomware and Other Destructive Events, SP 1800-11. As a draft NIST Cybersecurity Practice Guide, we welcome your comments and feedback. Comments are due by November 6, 2017.

What’s the guide about?

According to a report from the Justice Department’s Computer Crime and Intellectual Property Section, “more than 4,000 ransomware attacks…occurred daily” in 2016; a “300-percent increase” over attacks seen per day in 2015.

Data integrity incidents, such as ransomware, destructive malware, malicious insider activity, and even honest mistakes, can compromise enterprise information, including emails, employee records, financial records, and customer data.

This is why organizations need to be able to quickly recover from an event that alters or destroys data. It is imperative that businesses are confident that the data recovered after an attack is accurate and safe.

The guide explores methods that organizations can use to effectively recover from a data corruption event in various IT enterprise environments. The guide also maps security characteristics to standards, guidance, and best practices from NIST and other standards organizations.

The full draft practice guide is also available for download in PDF or web viewing.

We look forward to receiving your comments on the draft guide—the approach, the architecture, and possible alternatives.

The comment period is open through November 6, 2017. Comments may be made public after review and can be submitted anonymously. Submit comments online or via email to

Interested in participating in our next set of projects around data integrity? Email us to join our Community of Interest at