Skip to content
    Home / Function (NIST CSF 2.0) / PR - Protect / DS - Data Security

    DS – Data Security

    NIST CSF Category PR.DS
    In data security, normative documents are essential for defining how sensitive information should be protected throughout its lifecycle—at rest, in transit, and in use. Standards like ISO/IEC 27001 and ISO/IEC 27701 provide frameworks for information security and privacy management, while NIST SP 800-53 and NIST SP 800-171 offer detailed controls for protecting federal and controlled unclassified information. Regulatory bodies such as the European Data Protection Board (EDPB) for GDPR enforcement and the U.S. Federal Trade Commission (FTC) for consumer data protection set legal requirements that organizations must follow. By adhering to these standards and regulations, organizations can implement robust encryption, access control, and data handling practices, ensuring compliance, mitigating breaches, and maintaining stakeholder trust.

    NIST SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171

    NIST SP 800-172 is a supplementary publication to NIST SP 800-171 that provides 35 enhanced security requirements designed to protect controlled unclassified information (CUI) on non-federal systems, especially when related… Read More »NIST SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171

    NIST SP 800-171 Rev. 3 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

    NIST SP 800-171 is a set of cybersecurity standards developed by the National Institute of Standards and Technology (NIST) to protect Controlled Unclassified Information (CUI) in nonfederal systems and organizations.… Read More »NIST SP 800-171 Rev. 3 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

    NIST SP 1800-28 Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

    NIST Special Publication 1800-28, titled “Data Confidentiality: Identifying and Protecting Assets Against Data Breaches,” provides a comprehensive guide to help organizations identify and protect their data assets from unauthorized access… Read More »NIST SP 1800-28 Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

    NIST SP 1800-29 Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

    NIST Special Publication 1800-29, “Data Confidentiality: Detect, Respond to, and Recover from Data Breaches,” provides organizations with practical guidance on managing data confidentiality risks by focusing on the latter three… Read More »NIST SP 1800-29 Data Confidentiality: Detect, Respond to, and Recover from Data Breaches