NIST Released Draft Special Publication 800-150
October 28, 2014
NIST announces the public comment release of Draft Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing. The purpose of this publication is to assist organizations in establishing, participating...

DRAFT Special Publication 800-125A
October 20, 2014
NIST announces the public comment release of NIST DRAFT Special Publication 800-125A, Security Recommendations for Hypervisor Deployment. Server Virtualization (enabled by Hypervisor) is finding widespread...

Approved: SP 800-56B Revision 1 and NISTIR 7628 Revision 1
October 2, 2014
These 2 documents were approved as final at end of September - made available to CSRC website on September 30 - Special Publication 800-56B Revision 1 and NISTIR 7628 Revision 1

Open Meeting of ISPAB (October 2014)
September 23, 2014
The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, October 22, 2014 - Friday, October 24, 2014. All sessions will be open to the public.

DRAFT NISTIR 8023, Risk Management for Replication Devices
September 10, 2014
NIST announces the release of Draft NIST IR 8023, Risk Management for Replication Devices. For the purposes of this NISTIR, replication devices (RDs) include copiers, printers, three-dimensional (3D...

SP 800-147B, BIOS Protection Guidelines for Servers
September 3, 2014
NIST announces the release of NIST Special Publication 800-147B, BIOS Protection Guidelines for Servers. This guide is intended to mitigate threats to the integrity of fundamental system firmware, ...

Public Comments: DRAFT SP 800-53 Revision 4
August 28, 2014
NIST announces the release of Draft Special Publication 800-53, Revision 4, Appendix H, International Information Security Standards, Security Control Mappings for ISO/IEC 27001: 2013. (NOTE: This draft ...

Cybersecurity Framework RFI - Experience with the Framework
August 26, 2014
NIST requests information about the level of awareness throughout critical infrastructure organizations, and initial experiences with the Framework for Improving Critical Infrastructure Cybersecurity (the “Framework”).

Public Comments: Draft SP 800-167
August 22, 2014
NIST announces the public comment release of Draft Special Publication (SP) 800-167, Guide to Application Whitelisting. The purpose of this publication is to assist organizations in understanding the basics of...

Public Comments: Draft NISTIR 7966
August 21, 2014
NIST announces the public comment release of Draft NIST Interagency Report (IR) 7966, Security of Automated Access Management Using Secure Shell (SSH). (NOTE: This draft & the 2nd draft has been approved as...

Public Comments: Draft SP 800-163 Technical Considerations
August 19, 2014
NIST announces that Draft Special Publication 800-163, Technical Considerations for Vetting 3rd Party Mobile Applications, is now available for public comment. The purpose of this document is to provide guidance...

Draft SP 800-85B-4 PIV Data Model Conformance Test Guidelines
August 6, 2014
NIST produced a revised version of NIST Special Publication SP 800-85B, PIV Data Model Conformance Test Guidelines. The revisions include additional tests necessary to test new features added to the PIV Data Model in...

DRAFT Special Publication 800-53A Revision 4
July 31, 2014
NIST announces the release of Draft Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans ...

Public Comments: DRAFT NISTIR 8018
July 29, 2014
On February 25, 2014, the Association of Public-Safety Communications Officials (APCO) International, in cooperation with FirstNet and the Department of Commerce held a half-day workshop titled “Public Safety Mobile...

DRAFT NISTIR 8006, NIST Cloud Forensic Science Challenges
July 29, 2014
NIST extended the public review period of the recently posted Draft NIST IR 8006, NIST Cloud Forensic Science Challenges, and will accept comments on the document until AUGUST 25, 2014. 

NIST Released DRAFT NISTIR 8014
July 15, 2014
In cooperation with the Public Safety Communications Research (PSCR) Program, NIST announces the release of NIST Interagency Report (NISTIR) 8014, Considerations for Identity Management in Public Safety Mobile Networks...

VCAT recommendations for the NIST Cryptographic Standards
July 14, 2014
NIST’s Visiting Committee for Advanced Technology (VCAT) finalized a report detailing recommendations for NIST’s cryptographic standards program. The VCAT’s recommendations are ...

NIST Released NIST Interagency Report (NISTIR) 7987
July 2, 2014
NIST Interagency Report (NISTIR) 7987 describes an access control framework, referred to as the Policy Machine (PM), which fundamentally changes the way access control policy is expressed and enforced. The report...

Explanation of Changes to Draft SP 800-38G
June 27, 2014
Draft Special Publication 800-38G, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption, released for public comment in July 2013, included three methods for format-preserving...

DRAFT NISTIR 8006, NIST Cloud Forensic Science Challenges
June 23, 2014
NIST announces that Draft NIST IR 8006, NIST Cloud Forensic Science Challenges, has been released for public comments – can be accessed by the CSRC Drafts page. Deadline to submit comments has been ...

Errata Update to Special Publication 800-37, Revision 1
June 10, 2014
NIST announces the release of an errata update to Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach.

Supplemental Guidance on Ongoing Authorization
June 3, 2014
NIST announces the release of Supplemental Guidance on Ongoing Authorization: Transitioning to Near Real-Time Risk Management. This publication responds to Office of Management and Budget (OMB) Memorandum M-14-03...

Second Draft Special Publication 800-161
June 3, 2014
NIST announces that Draft Special Publication (SP) 800-161, Supply Chain Risk Management Practices for Federal Information Systems and Organizations, has been released for public comment ....

Public Comments: Second Draft NISTIR 7924
May 29, 2014
NIST announces the public comment release of second draft of NIST Interagency Report 7924, Reference Certificate Policy. The purpose of this document is to identify a set of security controls and practices to...

SP 800-101 Revision 1, Guidelines on Mobile Device Forensics
May 28, 2014
NIST announces the release of Special Publication (SP) 800-101 Revision 1, Guidelines on Mobile Device Forensics. Mobile device forensics is the science of recovering digital evidence from a mobile device under...