You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
The NIST Cybersecurity Framework (CSF) helps organizations better understand, manage, reduce, and communicate cybersecurity risks. NIST is updating the CSF to keep pace with the evolving cybersecurity landscape.
NIST is announcing the initial public drafts of NIST SP 800-157r1 (Revision 1), "Guidelines for Derived Personal Identity Verification (PIV) Credentials," and NIST SP 800-217, "Guidelines for Personal Identity Verification...
NIST is currently reviewing SP 800-132, "Recommendation for Password-Based Key Derivation: Part 1: Storage Applications," (2010) and is requesting public feedback on all aspects of the publication by February 24, 2023.
NIST recognizes the importance of the infrastructure that provides positioning, timing, and navigation (PNT) information to the scientific knowledge, economy, and security of the Nation. This infrastructure consists of three...
NIST's Crypto Publication Review Board is proposing to update FIPS 197, and public comments are due on the draft by February 13, 2023. No technical changes are being made to the standard. This announcement summarizes the...
Revision 4 of NIST’s Special Publication 800-63, Digital Identity Guidelines, intends to respond to the changing digital landscape that has emerged since the last major revision of this suite (2017)—including the real-world...
NIST is introducing a plan to transition away from the current limited use of the Secure Hash Algorithm 1 (SHA-1) hash function. Other approved hash functions are already available. The transition will be completed by...
Business impact analyses (BIAs) have been traditionally used for business continuity and disaster recovery (BC/DR) planning to understand the potential impacts of outages that compromise IT infrastructure.
The NIST Cybersecurity Risk Analytics Team is hosting a virtual workshop to provide an overview of the proposed changes to Special Publication 800-55, Revision 2, Performance Measurement Guide for Information Security. The...
NIST has released the third public draft of NIST Special Publication (SP) 800-188, De-Identifying Government Data Sets, for public comment. The comment period closes on January 15, 2023.
NIST has released a working draft of NIST Special Publication (SP) 800-55 Revision 2, ***Insert Pub Link*** Performance Measurement Guide for Information Security. The deadline to submit comments is February 27, 2023.
The National Cybersecurity Center of Excellence (NCCoE) has released the final project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps.
The National Cybersecurity Center of Excellence (NCCoE) has released a new final project description, Mitigating AI/ML Bias in Context: Establishing Practices for Testing, Evaluation, Verification, and Validation of AI...
After considering two rounds of public comments, NIST has decided to convert FIPS 198-1, "The Keyed-Hash Message Authentication Code (HMAC)" to a NIST Special Publication.
The National Cybersecurity Center of Excellence (NCCoE) has published for comment a draft project description, Securing Water and Wastewater Utilities: Cybersecurity for the Water and Wastewater Systems Sector.
The second public draft of NIST Special Publication (SP) 800-140Br1 (Revision 1), CMVP Security Policy Requirements: CMVP Validation Authority Updates to ISO/IEC 24759 and ISO/IEC 19790 Annex B, is now available for public...
* "Relevance" merely indicates the search engine's score for a document. It is based on the search parameters and information in the document's detailed record.