NCCoE Announces Technology Collaborators for Data Classification Project

Thursday March 2, 2023 – SYDNEY: Today Janusnet is announcing its collaboration with the National Cybersecurity Center of Excellence (NCCoE) in the Data Classification Practices: Facilitating Data-Centric Security Management Building Block Consortium.

The Consortium will develop technology-agnostic recommended practices for defining data classifications and data handling rulesets and for communicating them to others.

Bill Newhouse, Cybersecurity Engineer, NIST NCCoE, says, “As organizations migrate towards Zero Trust architectures, a data-centric approach to cybersecurity is needed that prioritizes protections for an organization’s critical data. We are excited to be working with all our collaborators to develop recommended practices for data classification which can be adopted to support an organization’s ability to provide cybersecurity and privacy protections for critical data.”

As part of a Zero Trust framework, data-centric security management aims to enhance information protection regardless of where the data resides or who accesses it. Data-centric security management depends on organizations knowing what data they have, what its characteristics are, and what security and privacy requirements it needs to meet to achieve the necessary protections.

Standardized mechanisms for communicating data characteristics and protection requirements are needed to make data-centric security management feasible at scale. This project will examine such an approach based on defining and using data classifications.

The project will inform and improve existing cybersecurity and privacy risk management processes by helping with communicating data classifications and data handling rulesets. It will not replace current risk management practices, laws, regulations, or mandates. The project will deliver a freely available NIST Cybersecurity Practice Guide.

Dr Neville Jones, Founder and Director Janusnet, says, “Faced with the complexity of adopting a Zero Trust architecture, cybersecurity professionals can be forgiven for overlooking straightforward wins, such as data classification. Data classification metadata enables integration with every part of a Zero Trust architecture, including endpoint security, workflow security, identity management and access controls, automation, firewalls, threat analysis, and more. As a pure-play data classification company with over 15 years’ experience, Janusnet is honored to be invited by NIST to collaborate on this project which will ultimately benefit thousands of organizations globally.

Commonality of standards is something that Janusnet has championed since its foundation. Data classification standards provide the mechanisms to share information safely as well as controlling it. NIST and the other collaborators should realize some essential advancements which will be good for governments, corporations, and individuals. I’m excited about the possibilities!”

Please visit the NIST National Cybersecurity Center of Excellence website for more information.