For 20 years, the Computer Security Resource Center (CSRC) has provided access to NIST's cybersecurity- and information security-related projects, publications, news and events. CSRC supports stakeholders in government, industry and academia—both in the U.S. and internationally.
NISTIR 8322 Virtual Workshop ReportJanuary 7, 2021 NIST publishes NISTIR 8322, Workshop Summary Report for “Building the Federal Profile for IoT Device Cybersecurity” Virtual Workshop.
Healthcare--Securing PACS: NIST SP 1800-24December 21, 2020 A new NIST Cybersecurity Practice Guide, NIST SP 1800-24, is now available: "Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector."
Draft Guidance for IoT Device CybersecurityDecember 15, 2020 Four draft guidance documents on defining IoT cybersecurity requirements--for federal agencies and IoT device manufacturers--are now available for comment through February 12, 2021: Draft SP 800-213 and Draft NISTIRs...
NIST Publishes NISTIR 8246: CVMAP for CNAs, ADPsDecember 15, 2020 A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).
Draft NISTIR 8286A Available for CommentDecember 14, 2020 Draft NISTIR 8286A, "Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management," is available for comment through February 1, 2021.
2nd Open Security Controls Assessment Language (OSCAL) WorkshopFebruary 2, 2021 - February 3, 2021 The National Institute of Standards and Technology will be hosting on Tuesday, February 2 and Wednesday, February 3, 2021, the second workshop in a new series focusing on the Open Security Controls Assessment Language...