U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

For 20 years, the Computer Security Resource Center (CSRC) has provided access to NIST's cybersecurity- and information security-related projects, publications, news and events.   CSRC supports stakeholders in government, industry and academia—both in the U.S. and internationally.

In this major update to CSRC:


Recent News

Public Comments Requested on SP 800-106 January 13, 2022
NIST is currently reviewing Special Publication (SP) 800-106, "Randomized Hashing for Digitial Signatures," (2009) and is requesting public feedback on all aspects of the publication by March 16, 2022.
Proposal to Revise SP 800-22 Rev. 1a January 12, 2022
NIST is proposing to revise Special Publication (SP) 800-22 Revision 1a. Please submit public comments by February 14, 2022. 
Draft NIST SP 800-160 Volume 1 Revision 1 Available for Comment January 11, 2022
NIST is releasing the draft of a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems, which is available for comment through February 25, 2022.
Draft NISTIR 8389 Available for Comment January 3, 2022
Draft NISTIR 8389, “Cybersecurity Considerations for Open Banking Technology and Emerging Standards,” is available for comment through March 3, 2022.
Draft NISTIR 8403 Available for Comment December 20, 2021
Draft NISTIR 8403, “Blockchain for Access Control Systems,” is open for comment through February 7, 2022.

View All News

Upcoming Events

NCCoE Virtual Workshop on the Cybersecurity of Genomic Data January 26, 2022
Genomic data are central to basic science research, pharmaceutical drug and vaccine development, disease diagnosis and prediction, ancestry tracing, and forensic investigations. These applications require information fidelity...
DevSecOps and ZTA for Cloud-Native Applications - Third Annual Multi-Cloud Conference and Workshop (virtual) January 26, 2022 - January 27, 2022
This year’s Multi-Cloud Conference co-hosted by NIST and Tetrate will focus on DevSecOps and ZTA as foundational approaches to development, deployment, and operational phases for achieving high-assurance cloud-native...
Federal Cybersecurity & Privacy Professionals Forum Meeting - February 15, 2022 February 15, 2022
Presentations & Speakers at a Glance: GSA’s Approach to Identifying Requirements: FISMA, FedRAMP or Controlled Unclassified Information,  Pranjali Desai and Bo Berlas, GSA Multi-Factor Authentication and Key Updates for...
3rd Open Security Controls Assessment Language (OSCAL) Workshop March 1, 2022 - March 2, 2022
The National Institute of Standards and Technology will be hosting on Tuesday, March 1st, and Wednesday, March 2nd, 2022, the third workshop in the series focusing on the Open Security Controls Assessment Language (OSCAL)....
Information Security and Privacy Advisory Board (ISPAB) March 2022 Meeting March 9, 2022 - March 10, 2022
The Information Security and Privacy Advisory Board (ISPAB) is authorized by 15 U.S.C. 278g-4, as amended, and advises the National Institute of Standards and Technology (NIST), the Secretary of Homeland Security (DHS), and...

View All Events