Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity of Genomic Data

Published

Author(s)

Ronald Pulivarti, Natalia Martin, Frederick R. Byers, Justin Wagner, Justin Zook, Samantha Maragh, Jennifer McDaniel, Kevin Wilson, Martin Wojtyniak, Brett Kreider, Ann-Marie France, Sallie Edwards, Tommy Morris, Jared Sheldon, Scott Ross, Phillip Whitlow

Abstract

Genomic data has enabled the rapid growth of the U.S. bioeconomy and is valuable to the individual, industry, and government because it has multiple intrinsic properties that in combination make it different from other types of high value data which possess only a subset of these properties. The characteristics of genomic data compared to other high value datasets raises some correspondingly unique cybersecurity and privacy concerns that are inadequately addressed with current policies, guidance documents, and technical controls. This report describes current practices in risk management, cybersecurity, and privacy management for protecting genomic data along with relevant challenges and concerns. Gaps in protection practices across the lifecycle were identified concerning genomic data generation; safe and responsible sharing of the genomic data; monitoring the systems processing genomic data; lack of specific guidance documents addressing the unique needs of genomic data processors; and regulatory/policy gaps with respect to national security and privacy threats in the collection, storage, sharing, and aggregation of human genomic data. The report proposes a set of solution ideas that address real-life use cases occurring at various stages of the genomic data lifecycle along with candidate mitigation strategies and the expected benefits of the solutions. Additionally, areas needing regulatory/policy enactment or further research are highlighted.
Citation
NIST Interagency/Internal Report (NISTIR) - 8432
Report Number
8432

Keywords

Cyberbiosecurity, cybersecurity, genomic data, genomics, human genome, privacy

Citation

Pulivarti, R. , Martin, N. , Byers, F. , Wagner, J. , Zook, J. , Maragh, S. , McDaniel, J. , Wilson, K. , Wojtyniak, M. , Kreider, B. , France, A. , Edwards, S. , Morris, T. , Sheldon, J. , Ross, S. and Whitlow, P. (2023), Cybersecurity of Genomic Data, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.8432, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956407 (Accessed November 20, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 20, 2023