News & Updates

This week, NIST released the newly redesigned and streamlined Special Publication 800-225, Fiscal Year (FY) 2022 Cybersecurity and Privacy Annual Report.

Internal and external reporting of security vulnerabilities in software and information systems owned or utilized by the Federal Government is critical to mitigating risk, establishing a robust security posture, and...

NIST Special Publication (SP) 800-124 Revision 2, Guidelines for Managing the Security of Mobile Devices in the Enterprise, assists organizations in managing and securing mobile devices against the ever-evolving threats.

The National Cybersecurity Center of Excellence (NCCoE) invites you to share your feedback on the preliminary draft of NIST Special Publication 1800-37 Volume A, Addressing Visibility Challenges with TLS 1.3.

NIST has decided to revise SP 800-132, "Recommendation for Password-Based Key Derivation – Part 1: Storage Applications." Read this announcement for more details.

The initial public draft (IPD) of NIST Special Publication (SP) 800-171, Revision 3, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations," is available for public comment and review through...

NIST Internal Report (IR) 8450, Overview and Considerations of Access Control Based on Attribute Encryption, is now available for public review and comment. The deadline to submit comments is June 23, 2023.

Today, NIST has published an update of Federal Information Processing Standards Publication (FIPS) 197, Advanced Encryption Standard (AES).

The NCCoE has released the preliminary public drafts of NIST SP 1800-36, Vols. B –E, Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management. The comment period is open now through June 20,...

NIST has decided to revise SP 800-38A, "Recommendation for Block Cipher Modes of Operation: Methods and Techniques." Read this announcement for more details.

The initial public draft of NIST IR 8460, "State Machine Replication and Consensus with Byzantine Adversaries," has been posted for public comment through September 1, 2023.

The NCCoE has released a preliminary draft of NIST Special Publication 1800-39A, "Implementing Data Classification Practices." The public comment period is open through June 12, 2023.

For the past 18+ months NIST, in collaboration with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), has been working to update NIST Special Publication (SP) 800-66.

NIST is updating the Cybersecurity Framework (CSF) which is widely used to help organizations better understand, manage, reduce, and communicate cybersecurity risks.

The NCCoE has posted the initial preliminary draft of NIST Special Publication 1800-38A,  "Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography" for...

The initial public draft of NIST Special Publication (SP) 800-207A, "A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location Environments," is now available for public comment through...

NIST Interagency Report (IR) 8427 is now available.

NIST has published a new Cybersecurity White Paper on "Security Segmentation in a Small Manufacturing Environment."

NIST is proposing to revise NIST Special Publication 800-132. Please submit public comments by May 1, 2023.

NIST requests comments on the initial public draft of Special Publication (SP) 800-219r1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

The initial public draft of NIST AI 100-2 (2003 edition), Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations, is now available for public comment.

After considering multiple rounds of public comments, NIST has decided to revise Federal Information Process Standard (FIPS), "Secure Hash Standard (SHS)."

The National Cybersecurity Center of Excellence (NCCoE) has published the initial public draft of NIST Internal Report (NIST IR) 8432, Cybersecurity of Genomic Data.

The National Cybersecurity Center of Excellence (NCCoE) has released a draft report, NIST Interagency Report (NISTIR) 8320D, Hardware Enabled Security: Hardware-Based Confidential Computing, for public comment.

NIST Interagency Report (IR) 8011, Automation Support for Security Control Assessments, provides guidance on automating the assessment of controls that can be tested.