Skip to content
    Home / Function (NIST CSF 2.0) / PR - Protect

    DS – Data Security

    NIST CSF Category PR.DS
    In data security, normative documents are essential for defining how sensitive information should be protected throughout its lifecycle—at rest, in transit, and in use. Standards like ISO/IEC 27001 and ISO/IEC 27701 provide frameworks for information security and privacy management, while NIST SP 800-53 and NIST SP 800-171 offer detailed controls for protecting federal and controlled unclassified information. Regulatory bodies such as the European Data Protection Board (EDPB) for GDPR enforcement and the U.S. Federal Trade Commission (FTC) for consumer data protection set legal requirements that organizations must follow. By adhering to these standards and regulations, organizations can implement robust encryption, access control, and data handling practices, ensuring compliance, mitigating breaches, and maintaining stakeholder trust.

    NIST IR 8596 Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile): NIST Community Profile

    The NIST Cyber AI Profile offers a structured approach to integrating AI into cybersecurity operations. It provides guidance on leveraging AI for threat detection, risk assessment, and automated response while… Read More »NIST IR 8596 Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile): NIST Community Profile

    ETSI EN 304 223: Securing Artificial Intelligence (SAI) – Baseline Cyber Security Requirements for AI Models and Systems

    ETSI EN 304 223 is a landmark European standard, published in early 2026, that establishes the first globally applicable baseline for securing artificial intelligence models and systems throughout their entire… Read More »ETSI EN 304 223: Securing Artificial Intelligence (SAI) – Baseline Cyber Security Requirements for AI Models and Systems

    SEC Post-Quantum Financial Infrastructure Framework (PQFIF)

    The SEC’s Post-Quantum Financial Infrastructure Framework (PQFIF) is a comprehensive strategic plan designed to secure the U.S. financial system against the emerging threats posed by quantum computing advancements. Its primary… Read More »SEC Post-Quantum Financial Infrastructure Framework (PQFIF)