Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

News & Updates

Showing 82 matching records.
December 20, 2023

The NIST National Cybersecurity Center of Excellence has released NIST Internal Report (IR) 8432, "Cybersecurity of Genomic Data."

December 13, 2023

The initial public draft (ipd) of SP 800-79r3 (Revision 3), Guidelines for the Authorization of PIV Card and Derived PIV Credential Issuers, provides appropriate and useful guidelines for assessing the reliability of PIV Card and derived PIV credential issuers. Comment deadline is January 29, 2024.

December 11, 2023

Just released for Public Comment: Initial Public Draft of SP 800-26, Guidelines for Evaluating Differential Privacy Guarantees publication for public comment until Thursday, January 25, 2024!

December 6, 2023

NIST has released Cybersecurity White Paper (CSWP) 30, Automation Support for Control Assessments – Project Update and Vision, which describes planned updates to the NIST Interagency Report (IR) 8011 series.

November 20, 2023

The National Institute of Standards and Technology Human-Centered Cybersecurity program is pleased to announce the release of the NIST Phish Scale User Guide.  

November 17, 2023

Today, NIST is issuing best practices on how to better integrate ICT risk programs into an overarching ERM portfolio—given special attention to coordination and communication across risk programs.

November 17, 2023

The final version of NIST Special Publication (SP) 800-140Br1 (Revision 1), CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B, is now available.

November 15, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST IR 8496 for public comment. The comment period closes on January 9, 2024.

November 9, 2023

The final public draft (fpd) of NIST Special Publication (SP) 800-171r3 (Revision 3) and initial public draft (ipd) of NIST SP 800-171Ar3 (Revision 3) are now available for public review. The comment period is open through January 26, 2024.

November 7, 2023

NIST has issued SP 800-53 Release 5.1.1 in the Cybersecurity and Privacy Reference Tool (CPRT).

October 17, 2023

NIST is issuing one new proposed control and two control enhancements with corresponding assessment procedures for an expedited 2-week public comment period for October 17–31, 2023.

October 16, 2023

The NIST NCCoE has published the final version of NIST Internal Report (NIST IR) 8473, Cybersecurity Framework Profile for Electric Vehicle Extreme Fast Charging Infrastructure. 

October 11, 2023

NIST has released the initial public draft of Special Publication (SP) 800-92r1 (Revision 1), Cybersecurity Log Management Planning Guide, for public comment. The comment period closes on November 29, 2023.

September 28, 2023

NIST has published "Special Publication (SP) 800-82r3 (Revision 3), Guide to Operational Technology (OT) Security", which provides guidance on how to improve the security of OT systems while addressing their unique performance, reliability, and safety requirements.

September 27, 2023

Two PIV publications are being revised: "Interfaces for Personal Identity Verification" (SP 800-73-5, 3 parts), and "Cryptographic Algorithms and Key Sizes for Personal Identity Verification" (SP 800-78-5). Submit your public comments through December 8, 2023.

September 26, 2023

NIST has published Interagency Report (IR) 8476, 3rd High-Performance Computing Security Workshop: Joint NIST-NSF Workshop Report, which offers summaries and key insights from collaborative workshop hosted by NIST and the National Science Foundation (NSF).

September 26, 2023

The NCCoE has released the second preliminary drafts of NIST SP 1800-36, Vols. A and D, “Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management.” The comment period is open now through November 10, 2023.

September 25, 2023

The NIST National Cybersecurity Center of Excellence (NCCoE) has published Final NIST IR 8441, Cybersecurity Framework Profile for Hybrid Satellite Networks (HSN). 

September 14, 2023

NIST has published Special Publication (SP) 800-188, De-Identifying Government Datasets: Techniques and Governance.

September 13, 2023

NIST announces the release of Special Publication (SP) 800-207A, A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location Environments.

September 6, 2023

NIST has published NIST Internal Report (IR) 8450, Overview and Considerations of Access Control Based on Attribute Encryption.

September 5, 2023

NIST has published Internal Report (IR) 8408, Understanding Stablecoin Technology and Related Security Considerations

August 31, 2023

The initial public draft of NIST Internal Report (IR) 8472, Non-Fungible Token Security, is now available for comment. The deadline to submit comments is October 16, 2023.

August 31, 2023

The Initial Public Draft of NIST Interagency Report (IR) 8481, Research for Cybersecurity: Findings and Possible Paths Forward, is available for public comment. Deadline to submit comments is October 31, 2023.

August 30, 2023

The initial public draft (ipd) of NIST Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines, is now available for public comment.

August 28, 2023

Draft NIST Special Publication (SP) 800-50r1 (Revision 1), Building a Cybersecurity and Privacy Learning Program, is now available for public comment. The comment period closes on October 27, 2023.

August 24, 2023
Federal Register Number: 2023-18197

NIST requests comments on the initial public drafts of three Federal Information Processing Standards (FIPS) - FIPS 203, 204 and 205. The deadline to submit comments is November 22, 2023.

August 23, 2023

NIST is proposing to revise NIST Special Publication 800-38D. Please submit public comments by October 9, 2023.

August 17, 2023

NIST has released the initial public draft (ipd) of a new report for public comment: NIST Internal Report (IR) 8477 ipd, Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines: Developing Cybersecurity and Privacy Concept Mappings.

August 8, 2023

After reviewing more than a year’s worth of community feedback, NIST has released a Draft of The NIST Cybersecurity Framework (CSF) 2.0 for public comment! Please submit comments by November 6, 2023.

 

July 27, 2023

NIST is reviewing Special Publication 800-135 Revision 1 and requesting public comments by September 27, 2023.

July 27, 2023

Initial public comments are requested on FIPS 202, SHA-3 Standard, and SP 800-185, SHA-3 Derived Functions. The public comment period is open through October 27, 2023.

July 25, 2023

Space operations are vital to advancing the security, economic prosperity, and scientific knowledge of the Nation.

July 25, 2023

The NIST Special Publication (SP) 800-140x series supports Federal Information Processing Standards (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and its associated validation testing program, the Cryptographic Module Validation Program (CMVP).

July 20, 2023

NIST has released the final version of Special Publication (SP) 800-219 Revision 1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

July 17, 2023

NIST has completed the reviews for all the “onramp” digital signature submissions received by the deadline. 

July 14, 2023

The NCCoE has released an initial public draft of NIST Internal Report (IR) 8473, "Cybersecurity Framework Profile for Electric Vehicle Extreme Fast Charging Infrastructure." The public comment period is open through August 28, 2023.

June 29, 2023

The specification of the Triple Data Encryption Algorithm (TDEA), NIST SP 800-67 Rev. 2, will be withdrawn January 1, 2024. The algorithm will be disallowed for applying cryptographic protection but will continue to be allowed for processing already-protected data.

June 21, 2023

NIST Internal Report (NIST IR) 8355, NICE Framework Competencies: Preparing a Job-Ready Cybersecurity Workforce, has been published. This publication describes Competency Areas as included in the NICE Framework, providing information on how Competency Areas are defined and how they can be used.

June 20, 2023
Federal Register Number: 2023-13043

The National Cybersecurity Center of Excellence (NCCoE) has released the final project description, "Cybersecurity for the Water and Wastewater Sector: A Practical Reference Design for Mitigating Cyber Risk in Water and Wastewater Systems." The NCCoE is now calling for project collaborators.

June 16, 2023

NIST has published NIST Internal Report 8454, Status Report on the Final Round of the NIST Lightweight Cryptography Standardization Process. The announcement of NIST's decision to standardize the ASCON family was announced on February 7, 2023.

June 15, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released for public comment a draft of NIST Internal Report (NISTIR) 8467, Cybersecurity Framework Profile for Genomic Data. The comment period is now open through July 17, 2023.

June 8, 2023

The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Interagency Report (NIST IR) 8406, Cybersecurity Framework Profile for Liquefied Natural Gas (LNG).

June 7, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary practice guide, Automation of the NIST Cryptographic Module Validation Programfor public comment through July 25, 2023.  

June 6, 2023

The NCCoE has released Draft NIST IR 8441, Cybersecurity Framework Profile for Hybrid Satellite Networks (HSN)The comment period closes July 14, 2023.

May 31, 2023

This week, NIST released the newly redesigned and streamlined Special Publication 800-225, Fiscal Year (FY) 2022 Cybersecurity and Privacy Annual Report.

May 24, 2023

Internal and external reporting of security vulnerabilities in software and information systems owned or utilized by the Federal Government is critical to mitigating risk, establishing a robust security posture, and maintaining transparency and trust with the public.

May 17, 2023

NIST Special Publication (SP) 800-124 Revision 2, Guidelines for Managing the Security of Mobile Devices in the Enterprise, assists organizations in managing and securing mobile devices against the ever-evolving threats.

May 12, 2023

The National Cybersecurity Center of Excellence (NCCoE) invites you to share your feedback on the preliminary draft of NIST Special Publication 1800-37 Volume A, Addressing Visibility Challenges with TLS 1.3.

May 11, 2023

NIST has decided to revise SP 800-132, "Recommendation for Password-Based Key Derivation – Part 1: Storage Applications." Read this announcement for more details.

May 10, 2023

The initial public draft (IPD) of NIST Special Publication (SP) 800-171, Revision 3, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations," is available for public comment and review through July 14, 2023.

May 9, 2023

NIST Internal Report (IR) 8450, Overview and Considerations of Access Control Based on Attribute Encryption, is now available for public review and comment. The deadline to submit comments is June 23, 2023.

May 9, 2023

Today, NIST has published an update of Federal Information Processing Standards Publication (FIPS) 197, Advanced Encryption Standard (AES).

May 3, 2023

The NCCoE has released the preliminary public drafts of NIST SP 1800-36, Vols. B –E, Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management. The comment period is open now through June 20, 2023.

April 28, 2023

NIST has decided to revise SP 800-38A, "Recommendation for Block Cipher Modes of Operation: Methods and Techniques." Read this announcement for more details.

April 26, 2023

The initial public draft of NIST IR 8460, "State Machine Replication and Consensus with Byzantine Adversaries," has been posted for public comment through September 1, 2023.

April 25, 2023

The NCCoE has released a preliminary draft of NIST Special Publication 1800-39A, "Implementing Data Classification Practices." The public comment period is open through June 12, 2023.

April 25, 2023

For the past 18+ months NIST, in collaboration with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), has been working to update NIST Special Publication (SP) 800-66.

April 24, 2023

NIST is updating the Cybersecurity Framework (CSF) which is widely used to help organizations better understand, manage, reduce, and communicate cybersecurity risks.

April 24, 2023

The NCCoE has posted the initial preliminary draft of NIST Special Publication 1800-38A, 

"Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography" for public comment. The comment period closes June 8, 2023.

April 18, 2023

The initial public draft of NIST Special Publication (SP) 800-207A, "A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location Environments," is now available for public comment through June 7, 2023. 

April 14, 2023

NIST Interagency Report (IR) 8427 is now available.

April 6, 2023

NIST has published a new Cybersecurity White Paper on "Security Segmentation in a Small Manufacturing Environment."

March 31, 2023

NIST is proposing to revise NIST Special Publication 800-132. Please submit public comments by May 1, 2023.

March 13, 2023

NIST requests comments on the initial public draft of Special Publication (SP) 800-219r1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

March 8, 2023

The initial public draft of NIST AI 100-2 (2003 edition), Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations, is now available for public comment.

March 7, 2023

After considering multiple rounds of public comments, NIST has decided to revise Federal Information Process Standard (FIPS), "Secure Hash Standard (SHS)."

March 3, 2023

The National Cybersecurity Center of Excellence (NCCoE) has published the initial public draft of NIST Internal Report (NIST IR) 8432, Cybersecurity of Genomic Data.

February 23, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released a draft report, NIST Interagency Report (NISTIR) 8320D, Hardware Enabled Security: Hardware-Based Confidential Computing, for public comment.

February 22, 2023

NIST Interagency Report (IR) 8011, Automation Support for Security Control Assessments, provides guidance on automating the assessment of controls that can be tested.

February 8, 2023

The initial public draft of NIST Special Publication (SP) 800-201, NIST Cloud Computing Forensic Reference Architecture, is now available for public comment.

February 8, 2023

NIST is proposing to update Special Publication (SP) 800-38E, "Recommendation for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on Storage Devices." Please submit public comments by March 10, 2023.

February 7, 2023

NIST announces the selection of the Ascon family for lightweight cryptography standardization.

February 6, 2023

NIST is requesting public comments on the initial public draft of Special Publication (SP) 800-223, High-Performance Computing (HPC) Security: Architecture, Threat Analysis, and Security Posture.

February 3, 2023
Federal Register Number: 2023-02273

Today, NIST is publishing a revised Digital Signature Standard (FIPS 186-5) and Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters (NIST SP 800-186).

January 31, 2023

NIST is publishing NIST IR 8323r1 (revision 1), Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services. 

January 25, 2023

NIST requests public comments on NIST IR 8214C ipd (initial public draft), NIST First Call for Multi-Party Threshold Schemes, for primitives organized into two categories:

  1. Cat1: selected NIST-specified primitives
  2. Cat2: other primitives not specified by NIST.

January 19, 2023

The NIST Cybersecurity Framework (CSF) helps organizations better understand, manage, reduce, and communicate cybersecurity risks. NIST is updating the CSF to keep pace with the evolving cybersecurity landscape. 

January 10, 2023

NIST is announcing the initial public drafts of NIST SP 800-157r1 (Revision 1), "Guidelines for Derived Personal Identity Verification (PIV) Credentials," and NIST SP 800-217, "Guidelines for Personal Identity Verification (PIV) Federation." 

January 6, 2023

NIST is currently reviewing SP 800-132, "Recommendation for Password-Based Key Derivation: Part 1: Storage Applications," (2010) and is requesting public feedback on all aspects of the publication by February 24, 2023.

January 3, 2023

NIST recognizes the importance of the infrastructure that provides positioning, timing, and navigation (PNT) information to the scientific knowledge, economy, and security of the Nation. This infrastructure consists of three parts: the space segment, the ground segment, and the users of PNT.

* "Relevance" merely indicates the search engine's score for a document. It is based on the search parameters and information in the document's detailed record.