The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary draft of NIST Special Publication (SP) 1800-39A, Implementing Data Classification Practices, for public comment.
About the Project
Organizations are managing an increasing volume of data while maintaining compliance with policies for protecting that data. Those policies are driven by business, regulatory, data security, and privacy requirements. This publication can help organizations reduce the risk of data breaches, loss, and mishandling through data-centric security management, by demonstrating how to discover and classify data based on its characteristics regardless of where the data resides or how it is shared.
The NCCoE and its collaborators are using commercially available technology to build interoperable data classification solutions for use cases. As the project progresses, this preliminary draft will be updated with supporting guidance, and additional use cases and volumes will also be released to solicit public comment.
Submit Comments
The public comment period for this draft is open now through June 12, 2023. See the publication details for a copy of the draft and instructions for commenting.
Join the Community of Interest
If you have expertise and/or interest in data-centric security practices, consider joining the NCCoE Data Classification Community of Interest (COI) to receive the latest project news and updates! Email the team at [email protected] declaring your interest.
