NIST CSF: PR.IP-4 Subcategory

From NIST's Cyber Security Framework (version 1):

Backups of information are conducted, maintained, and tested

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

CSF Mapped to SP800-53 Controls

Generated from NIST's SP800-53/CSF Crosswalk mappings.

Search:

Node
CP-4: Contingency Plan Testing
CP-6: Alternate Storage Site
CP-9: System Backup

Showing 1 to 3 of 3 entries

Related ISO 27001 Controls

Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Protection of records (18.1.3)
ISO 27001:2013
Information backup (12.3.1)
ISO 27001:2013
Verify, review, and evaluate information security continuity (17.1.3)
ISO 27001:2013
Implementing information security continuity (17.1.2)
ISO 27001:2013

Related ISA/IEC 62443 Controls

Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Control system backup (SR 7.3)
ISA/IEC 62443-3-3:2013
Control system recovery and reconstitution (SR 7.4)
ISA/IEC 62443-3-3:2013
Establish backup and restoration procedure (4.3.4.3.9)
ISA/IEC 62443-2-1:2009

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against. This is based on mappings to associated SP800-53 controls.

Search:

ATT&CK ID	Title	Associated Tactics
T1565.001	Stored Data Manipulation	Impact
T1070.008	Clear Mailbox Data	Defense Evasion
T1070.001	Clear Windows Event Logs	Defense Evasion
T1565	Data Manipulation	Impact
T1070.002	Clear Linux or Mac System Logs	Defense Evasion
T1119	Automated Collection	Collection
T1486	Data Encrypted for Impact	Impact
T1070	Indicator Removal	Defense Evasion
T1561	Disk Wipe	Impact
T1491	Defacement	Impact
T1561.002	Disk Structure Wipe	Impact
T1491.001	Internal Defacement	Impact
T1005	Data from Local System	Collection
T1003	OS Credential Dumping	Credential Access
T1490	Inhibit System Recovery	Impact
T1565.003	Runtime Data Manipulation	Impact
T1561.001	Disk Content Wipe	Impact
T1491.002	External Defacement	Impact
T1003.003	NTDS	Credential Access
T1025	Data from Removable Media	Collection
T1485	Data Destruction	Impact

Showing 1 to 21 of 21 entries

CSF Mapped to the NCSC CAF

Cyber Assessment Framework mappings generated from UK Cabinet Office data.

Search:

Control ID	Name	Description
B3.c	Stored Data	You have protected stored data important to the operation of the essential function.
B5.c	Backups	You hold accessible and secured current backups of data and information needed to recover operation of your essential function.
B5.a	Resilience Preparation	You are prepared to restore the operation of your essential function following adverse impact.
D1.c	Testing and Exercising	Your organisation carries out exercises to test response plans, using past incidents that affected your (and other) organisation, and scenarios that draw on threat intelligence and your risk assessment.

Showing 1 to 4 of 4 entries

NIST CSF: PR.IP-4 Subcategory

Cyber Threat Graph Context

CSF Mapped to SP800-53 Controls

Related ISO 27001 Controls

Protection of records (18.1.3)

Information backup (12.3.1)

Verify, review, and evaluate information security continuity (17.1.3)

Implementing information security continuity (17.1.2)

Related ISA/IEC 62443 Controls

Control system backup (SR 7.3)

Control system recovery and reconstitution (SR 7.4)

Establish backup and restoration procedure (4.3.4.3.9)

MITRE ATT&CK Techniques

CSF Mapped to the NCSC CAF