Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

News & Updates

Showing 62 matching records.
December 19, 2014

NIST announces the release of Special Publication (SP) 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials. SP 800-157 defines a technical specification for implementing and deploying Derived PIV Credentials to mobile devices, ...

December 19, 2014

NIST requests comments on DRAFT Special Publication (SP) 800-152, A Profile for U.S. Federal Cryptographic Key Management Systems. This Profile is based on NIST Special Publication (SP) 800-130, A Framework for Designing Cryptographic Key Management Systems, ...

December 18, 2014

Special Publication 800-88 Revision 1, Guidelines for Media Sanitization, has been approved as final. Media sanitization refers to a process that renders access to target data on the media infeasible for a given level of effort.

December 16, 2014

Draft NISTIR 7621 Revision 1, Small Business Information Security: The Fundamentals; is now available for public comment. NIST, as a partner with the Small Business Administration and the Federal Bureau of Investigation ...

December 12, 2014

NIST announces the release of Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans.

November 21, 2014

NIST requests your comments on the latest revision of Special Publication 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, which is dated November 2014. This document specifies Deterministic Random Bit Generators ...

November 18, 2014

NIST announces the release of Draft Special Publication 800-171, Protecting Controlled Unclassified Information in Non-federal Information Systems and Organizations (Initial Public Draft). 

November 5, 2014
Federal Register Number: 2014-26317

The National Institute of Standards and Technology (NIST) invites and requests nomination of individuals for appointment to eight existing Federal Advisory Committees

October 28, 2014

NIST announces the public comment release of Draft Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing. The purpose of this publication is to assist organizations in establishing, participating in, and maintaining information sharing relationships ...

October 20, 2014

NIST announces the public comment release of NIST DRAFT Special Publication 800-125A, Security Recommendations for Hypervisor Deployment. Server Virtualization (enabled by Hypervisor) is finding widespread adoption in enterprise data centers both for hosting in-house ...

October 2, 2014

These 2 documents were approved as final at end of September - made available to CSRC website on September 30 - Special Publication 800-56B Revision 1 and NISTIR 7628 Revision 1

September 23, 2014
Federal Register Number: 2014-22623

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, October 22, 2014 - Friday, October 24, 2014. All sessions will be open to the public.

September 10, 2014

NIST announces the release of Draft NIST IR 8023, Risk Management for Replication Devices. For the purposes of this NISTIR, replication devices (RDs) include copiers, printers, three-dimensional (3D) printers, ...

September 3, 2014

NIST announces the release of NIST Special Publication 800-147B, BIOS Protection Guidelines for Servers. This guide is intended to mitigate threats to the integrity of fundamental system firmware, ...

August 28, 2014

NIST announces the release of Draft Special Publication 800-53, Revision 4, Appendix HInternational Information Security Standards, Security Control Mappings for ISO/IEC 27001: 2013. (NOTE: This draft Appendix H for SP 800-53 Revision 4 ...

August 26, 2014
Federal Register Number: 2014-20315

NIST requests information about the level of awareness throughout critical infrastructure organizations, and initial experiences with the Framework for Improving Critical Infrastructure Cybersecurity (the “Framework”).

August 22, 2014

NIST announces the public comment release of Draft Special Publication (SP) 800-167Guide to Application Whitelisting. The purpose of this publication is to assist organizations in understanding the basics of application whitelisting (also known as application control) ...

August 21, 2014

NIST announces the public comment release of Draft NIST Interagency Report (IR) 7966, Security of Automated Access Management Using Secure Shell (SSH). (NOTE: This draft & the 2nd draft has been approved as FINAL on October 2015). 

August 19, 2014

NIST announces that Draft Special Publication 800-163Technical Considerations for Vetting 3rd Party Mobile Applications, is now available for public comment. The purpose of this document is to provide guidance for vetting 3rd party software applications (apps) ...

August 6, 2014

NIST produced a revised version of NIST Special Publication SP 800-85B, PIV Data Model Conformance Test Guidelines. The revisions include additional tests necessary to test new features added to the PIV Data Model in SP 800-73-4 Parts 1. This document, ...

July 31, 2014

NIST announces the release of Draft Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (Initial Public Draft). 

July 29, 2014

NIST extended the public review period of the recently posted Draft NIST IR 8006NIST Cloud Forensic Science Challenges, and will accept comments on the document until AUGUST 25, 2014

July 29, 2014

On February 25, 2014, the Association of Public-Safety Communications Officials (APCO) International, in cooperation with FirstNet and the Department of Commerce held a half-day workshop titled “Public Safety Mobile Application Security Requirements” attended by ...

July 15, 2014

In cooperation with the Public Safety Communications Research (PSCR) Program, NIST announces the release of NIST Interagency Report (NISTIR) 8014, Considerations for Identity Management in Public Safety Mobile Networks. 

July 14, 2014

NIST’s Visiting Committee for Advanced Technology (VCAT) finalized a report detailing recommendations for NIST’s cryptographic standards program. The VCAT’s recommendations are ...

July 2, 2014

NIST Interagency Report (NISTIR) 7987 describes an access control framework, referred to as the Policy Machine (PM), which fundamentally changes the way access control policy is expressed and enforced. The report gives a detailed description of the PM ...

June 27, 2014

Draft Special Publication 800-38G, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption, released for public comment in July 2013, included three methods for format-preserving encryption (FPE). Called FF1, FF2, and FF3,...

June 23, 2014

NIST announces that Draft NIST IR 8006, NIST Cloud Forensic Science Challenges, has been released for public comments – can be accessed by the CSRC Drafts page. Deadline to submit comments has been EXTENDED TO AUGUST 25, 2014

June 10, 2014

NIST announces the release of an errata update to Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.

June 3, 2014

NIST announces that Draft Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, has been released for public comment ....

June 3, 2014

NIST announces the release of Supplemental Guidance on Ongoing Authorization: Transitioning to Near Real-Time Risk Management. This publication responds to Office of Management and Budget (OMB) Memorandum M-14-03, Enhancing the Security of Federal ...

May 29, 2014

NIST announces the public comment release of second draft of NIST Interagency Report 7924, Reference Certificate Policy. The purpose of this document is to identify a set of security controls and practices to support the secure issuance of certificates. 

May 28, 2014

NIST announces the release of Special Publication (SP) 800-101 Revision 1, Guidelines on Mobile Device Forensics. Mobile device forensics is the science of recovering digital evidence from a mobile device under forensically sound conditions using accepted methods. 

May 28, 2014
Federal Register Number: 2014-12336

The National Institute of Standards and Technology (NIST) launched a public competition in November 2007 to develop a new cryptographic hash algorithm for standardization to augment the Government...

May 20, 2014

Update on Three FISMA Publications Ongoing Authorization Supplemental Guidance, SP 800-37, Rev 1 (Errata), SP 800-53A Rev 2 (IPD) 

The FISMA Implementation Project is announcing the following schedule for three publications.

May 20, 2014

The NIST Special Publication 800-53 Revision 4 On-line Reference Database has been posted which contains the catalog of security controls from Appendix F and G of SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations (April 2013).

May 19, 2014

Public Comments: (1) Revised Draft Special Publication 800-73-4, Interfaces for Personal Identity Verification, and (2) Revised Draft Special Publication 800-78-4, Cryptographic Algorithms and Key Sizes for Personal Identity Verification, are now available...

May 16, 2014

NIST has determined to extend the public comment period for the draft revision of Special Publication 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography ...

May 16, 2014
Federal Register Number: 2014-11424

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, June 11, 2014 - Friday, June 13, 2014. All sessions will be open to the public.

May 13, 2014

NIST announces the release of Special Publication 800-82, Revision 2, Guide to Industrial Control System (ICS) Security. Special Publication 800-82 provides guidance on how to improve the security in Industrial Control Systems (ICS), ...

May 12, 2014

NIST requests comments on the initial public draft of Special Publication (SP) 800-160, Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems

May 6, 2014
Federal Register Number: 2014-10349

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for IT asset management for the financial services sector.

May 5, 2014

NIST would like to request comments on a Draft Revision of SP 800-57 Part 3, Recommendation for Key Management: Application-Specific Key Management Guidance

April 29, 2014

NIST has released Special Publication 800-52 Revision 1, Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. TLS provides mechanisms to protect sensitive data during electronic dissemination across networks.

April 29, 2014

NIST announces the release of NIST Interagency Report (NISTIR) 7946, CVSS Implementation Guidance. This Interagency Report provides guidance to individuals scoring IT vulnerabilities using the Common Vulnerability Scoring System (CVSS) Version 2.0 scoring metrics. 

April 23, 2014

In support of the Federal Information Security Management Act of 2002 and the 2014 Framework for Improving Critical Infrastructure Cybersecurity, NIST will issue in May 2014, the initial public draft of Special Publication (SP) 800-160, Systems Security Engineering ...

April 21, 2014

NIST requests comments on a revision of Draft Special Publication 800-90A Revision 1, Recommendation for Random Number Generation Using Deterministic Random Bit Generators. This revision removes the Dual_EC_DRBG from the document.

March 18, 2014
Federal Register Number: 2014-05960

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for identity and access management for the electric power sector.

March 14, 2014

NIST announces the release of Draft Special Publication (SP) 800- 16 Revision 1 (3rd public draft), A Role-Based Model For Federal Information Technology/Cyber Security Training for public comment. SP 800-16 describes information technology / cyber security role-based training ...

March 13, 2014

NIST announces the release of the draft revision of Special Publication 800-56B, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography. SP 800-56B specifies key-establishment schemes based on the Rivest Shamir Adleman ...

March 11, 2014
Federal Register Number: 2014-05215

The National Institute of Standards and Technology (NIST) announces the Intersection of Cloud and Mobility Forum and Workshop to be held on Tuesday, March 25, Wednesday, March 26, and Thursday, March 27, 2014.

March 7, 2014

Draft Special Publication 800-157, Guidelines for Derived Personal Identity Verification (PIV) Credentials and Draft NIST Interagency Report 7981, Mobile, PIV, and Authentication, are now available 

March 6, 2014

NIST announces the release of NIST Interagency Report (IR) 7849, A Methodology for Developing Authentication Assurance Level Taxonomy for Smart Card-based Identity Verification. Smart cards (smart identity tokens) are now extensively deployed for identity verification, ...

February 28, 2014
Federal Register Number: 2014-04473

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, March 12, 2014 - Friday, March 14, 2014. All sessions will be open to the public.

February 28, 2014
Federal Register Number: 2014-04474

The Smart Grid Advisory Committee (SGAC or Committee), will meet in open session on Tuesday, March 18, 2014 from 8:30 a.m. to 5:00 p.m. Eastern time and Wednesday, March 19, 2014 from 8:30 a.m. to 12:00 p.m. Eastern time. 

February 18, 2014

NIST requests comments on Draft NIST Interagency Report 7977, NIST Cryptographic Standards and Guidelines Development Process. This document describes the principles, ...

February 18, 2014
Federal Register Number: 2014-03495

This notice announces the issuance of the Cybersecurity Framework (the “Cybersecurity Framework” or “Framework”). 

January 27, 2014

NIST requests comments on the Draft of Special Publication (SP) 800-168, Approximate Matching: Definition and Terminology. SP 800-168 contains a definition for approximate matching including requirements and considerations ...

January 23, 2014

NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations

January 21, 2014

NIST announces the final release of Special Publication (SP) 800-162, Guide to Attribute Based Access Control (ABAC) Definition and Considerations. ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes ...

January 10, 2014
Federal Register Number: 2014-00260

The National Institute of Standards and Technology (NIST), Department of Commerce, intends to sponsor a FRDC G36to facilitate public-private collaboration for accelerating the widespread adoption of integrated cybersecurity tools and technologies. 

January 7, 2014

NIST requests comments on Draft Special Publication (SP) 800-152, A Profile for U.S. Federal Cryptographic Key Management Systems. SP 800-152 contains requirements for the design, implementation, procurement, installation, ...

* "Relevance" merely indicates the search engine's score for a document. It is based on the search parameters and information in the document's detailed record.