News & Updates

NIST Cybersecurity White Paper (CSWP) 41, "Likely Exploited Vulnerabilities: A Proposed Metric for Vulnerability Exploitation Probability", helps organizations identify actively exploited vulnerabilities and measure prioritization after patching.

In addition to publishing a report on the "Workshop on Foundational Cybersecurity Activities for IoT Device Manufacturers" (IR 8572), an initial public draft of IR 8259r1, "Foundational Cybersecurity Activities for IoT Product Manufacturers," is available for comment through July 14, 2025.

The initial public draft (IPD) of NIST Special Publication (SP) 800-234, High-Performance Computing (HPC) Security Overlay, is now available for public comment.

NIST has released the initial public draft of NIST Internal Report (IR) 7621r2, Small Business Cybersecurity: Non-Employer Firms

NIST published Special Publication 800-236, FY 2024 Annual Report for NIST Cybersecurity and Privacy Program.

NIST Publishes NIST IR 8562, the Summary Report for "Workshop on Updating Manufacturer Guidance for Securable Connected Product Development"

NIST CSWP 42, Towards Automating IoT Security: Implementing Trusted Network -Layer Onboarding, is available for public comment. The comment period is open through May 29, 2025.

The initial public draft of the NIST Privacy Framework 1.1 is available for public comment through June 13, 2025.

NIST announces the release of NIST Interagency Report (IR) 8552 Requirements for Cryptographic Accordions.

NIST's Crypto Publication Review Board is proposing to withdraw Special Publications 800-102, "Recommendation for Digital Signature Timeliness." Submit public comments through Monday, May 12, 2025.

After two public comment periods, NIST has decided to revise CMAC and CCM block cipher modes of operation specified in NIST Special Publications 800-38B and 800-38C.

NIST Special Publication (SP) 800-81r3 (Revision 3), Secure Domain Name System (DNS) Deployment Guide, describes the different roles of DNS and gives recommendations for protecting the integrity, availability, and confidentiality of DNS services. The public comment period is open through May 26, 2025.

NIST has finalized Special Publication (SP) 800-61r3 (Revision 3), Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile.

NIST requests public comments on NIST IR 8214C 2pd, NIST First Call for Multi-Party Threshold Schemes which will help the NIST Multi-Party Threshold Cryptography and Privacy-Enhancing Cryptography projects collect reference materials on advanced cryptography. Submit comments by May 30, 2025.

The initial public draft (ipd) of NIST Special Publication (SP) 800-228, Guidelines for API Protection for Cloud-Native Systems, is now available for public comment.

NIST has published NIST AI 100-2e2025, Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations.

NCCoE is releasing the draft Executive Summary, NIST SP 1800-33 5G Cybersecurity Volume A

NCCoE has released NIST IR 8523 ipd for public comment until 11:59 PM ET on Monday, April 14, 2025

After two public comment periods, NIST has decided to update the SHA-3 Standard (FIPS 202) and revise the SHA-3 Derived Functions specification (Special Publication 800-185).

The latest Quick Start Guide for the NIST Cybersecurity Framework 2.0 is available for public comment through April 25, 2025.

HQC Announced as a 4th Round Selection. NIST Internal Report (IR) 8545 details the evaluation criteria, algorithm designs, and reasoning behind the selection.

NIST SP 800-226 focuses on differential privacy, a privacy-enhancing technology that quantifies privacy risk to individuals when their information appears in a dataset.

NIST Cybersecurity White Paper (CSWP), Considerations for Achieving Crypto Agility, provides an in-depth survey of current approaches and considerations to achieving crypto agility.

The NIST National Cybersecurity Center of Excellence (NCCoE) along with the SEMI Semiconductor Manufacturing Cybersecurity Consortium has released Draft NIST Internal Report (IR) 8546, Cybersecurity Framework (CSF) 2.0 Semiconductor Manufacturing Community Profile for public comment until 11:59 PM ET on Friday, May 30, 2025.

NIST has released revisions or updates to all five publications in its Interagency Report (IR) 8286 series. The public comment period is open through April 14, 2025, for the initial public drafts of IR 8286r1, IR 8286Ar1, and IR 8286Cr1.