News & Updates

NIST Internal Report (IR) 8500A ipd (initial public draft), Blockchain-Based Secure Software Assets Management (BloSS@M), outlines a modernized conceptual approach for transforming how software assets are acquired, tracked, and secured across an interagency ecosystem.

The initial public draft of NIST Special Publication (SP) 800-228A is available for public comment. The comment period is oopen through July 2, 2026.

NIST Internal Report (IR) 8610 announces nine candidates advancing to the third round of the Additional Digital Signatures for the Post-Quantum Cryptography (PQC) Standardization Process.

As part of ongoing efforts to strengthen protections for securing controlled unclassified information (CUI) in nonfederal systems, NIST has released SP 800-172r3, Enhanced Security Requirements for Protecting Controlled Unclassified Information, and SP 800-172Ar3, Assessing Enhanced Security Requirements for Controlled Unclassified Information

The final version of NIST Special Publication (SP) 800-70r5 (Revision 5), National Checklist Program for IT Products – Guidelines for Checklist Users and Developers, is now available.

NIST's Crypto Publication Review Board invites comments on Special Publication (SP) 800-52 Revision 2, "Guidelines for the Selection, Configuration, and Use of TLS Implementations." The comment period is open through July 10, 2026.

The NIST NCCoE has released the draft NIST Internal Report (IR) 8323 Revision 2, "Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT)." The public comment period is open through July 6, 2026.

This announcement is a pre-draft call for comments to solicit preliminary feedback on SP 800-38F. The public comment period is open through July 10, 2026.

NIST Special Publication 800-234 (final) is now available.

NIST's Cybersecurity for IoT Program is releasing Revision 1 of NIST IR 8259, "Foundational Cybersecurity Activities for IoT Product Manufacturers."

The initial public draft (ipd) of NIST Special Publication (SP) 800-133r3 (Revision 3), "Recommendation for Cryptographic Key Generation," is open for public comment through June 16, 2026.

NIST has published Cybersecurity White Paper (CSWP) 52, "Firmware-Based Monitoring for Bus-Based Computer Systems," introducing a low-cost, innovative approach to enhancing hardware security visibility.

NIST has released a new public draft of Small Business Cybersecurity: Non-Employer Firms. The public comment period is open through May 14, 2026.

NIST releases the initial public draft of SP 800-230, Additional SLH-DSA Parameter Sets for Limited Signature Use Cases. The comment period closes on June 12, 2026.

The final release of NIST Special Publication 1308, "NIST CSF 2.0: Cybersecurity, Enterprise Risk Management, and Workforce Management QSG," is now available. Also, NIST requests public comments on SP 1347, "CSF 2.0 Informative References Quick-Start Guide." The public comment period ends 

NIST Publishes SP 800-81r3: Secure Domain Name System (DNS) Deployment Guide final version

"Applying 5G Cybersecurity and Privacy Capabilities" white paper series helps consumers and operators of 5G networks securely adopt this technology as the development, deployment, and usage of 5G simultaneously evolves.

The NCCoE has released an initial public draft of NIST Special Publication (SP) 1800-42A, "Digital Identities - Mobile Driver’s License (mDL): Accelerating Development and Adoption of Digital Identity for Financial Institutions." The public comment period is open through May 8, 2026.

This guide demonstrates how organizations can discover, identify and label unstructured data using data classification practices. The public comment period is open through March 30, 2026.

NIST has published the final version of Interagency Report (IR) 8446, which compares Germany’s BSI AIS 20/31 and NIST’s SP 800-90 series.

The NIST National Cybersecurity Center of Excellence (NCCoE) has released a draft of NIST Interagency Report (IR) 8576, Transit Cybersecurity Framework (CSF) Community Profile, which is available for public comment through February 23, 2026.

NIST has initiated the process of revising NIST SP 800-82, Guide to Operational Technology (OT) Security, to incorporate lessons learned, align with relevant NIST guidance and OT cybersecurity standards and practices, and address changes in the OT threat landscape.

NIST has published Internal Report (IR) 8214C, NIST First Call for Multi-Party Threshold Schemes.

After receiving public comments in response to its July 2025 proposal, NIST has decided to update SP 800-56Ar3 and revise SP 800-56Cr2.

The initial public draft of NIST IR 8587, "Protecting Tokens and Assertions from Forgery, Theft, and Misuse: Implementation Recommendations for Agencies and Cloud Service Providers," is now available for public comment through January 30, 2026.