NIST CSF 2.0 Category

PR.DS Data Security

PR Protect | Protect data throughout storage, processing, transfer, and disposal.

Implementation Objective

Preserve confidentiality, integrity, and availability of sensitive data across its full lifecycle.

Implementation Actions

Apply classification-based handling rules.
Enforce encryption and key controls.
Validate backup and restoration integrity.

Evidence Examples

Data handling standard
Encryption configs
Restore test reports

Suggested Metrics

Encrypted sensitive data coverage
Restore success rate

Framework Crosswalk

Direct mappings for this CSF category into NIST SP 800-171 family sections and CIS Controls v8 implementation domains.

NIST SP 800-171 Families

CIS Controls v8

Navigation

Back to NIST CSF 2.0 Categories CIS Controls v8 Guidance FedRAMP Guidance Cybersecurity Glossary