News & Updates

NIST invites comments on Draft NIST Special Publication (SP) 800-216, "Recommendations for Federal Vulnerability Disclosure Guidelines." The public comment period is open through August 9, 2021.

NIST's NCCoE has released a Draft Project Description, "Migration to Post-Quantum Cryptography." The public comment period is open through July 7, 2021.

Draft NISTIR 8334, "Using Mobile Device Biometrics for Authenticating First Responders," is available for public comment through July 19, 2021.

NIST's National Cybersecurity Center of Excellence (NCCoE) has released Draft NISTIR 8320, "Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases." The public...

NIST has published a new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage...

The National Cybersecurity Center of Excellence has published a final Project Description on "Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. This project will result in a NIST Cybersecurity Practice...

The NCCoE has released a draft project description on "Data Classification Practices: Facilitating Data-Centric Security." The public comment period is open through June 21, 2021.

NIST Seeks Comments on a draft white paper, “Establishing Confidence in IoT Device Security: How do we get there?” The comment period is open through June 14, 2021.

As part of a periodic review of its cryptography standards and NIST Special Publications, NIST is requesting comments on FIPS 197, SP 800-38A (and Addendum), SP 800-15, SP 800-25, and SP 800-32. Comments are due by June 11,...

Comments Sought on Updates to Cyber Supply Chain Risk Management Practices for Systems and Organizations (Draft NIST SP 800-161, Revision 1)

The NCCoE has released a second draft of SP 1800-30, "Securing Telehealth Remote Patient Monitoring Ecosystem." The public comment period is open through June 7, 2021.

NIST has posted a call for comments on NIST Special Publication (SP) 800-66 Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The...

NIST has posted Draft NIST SP 800-161 Rev. 1, "Cyber Supply Chain Risk Management Practices for Systems and Organizations." The public comment period is open through June 14, 2021.

NIST's NCCoE has published "Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms."

NIST has released Draft Special Publication (SP) 800-172A, "Assessing Enhanced Security Requirements for Controlled Unclassified Information." Public comments are due June 11, 2021.

Draft NISTIR 8356, "Considerations for Digital Twin Technology and Emerging Standards," is now available for public comment through June 16, 2021.

The NCCoE is requesting comments on a new Draft Project Description, "Automation of the Cryptographic Module Validation Program (CMVP)." Public comments may be submitted through May 12, 2021.

NIST has published NISTIR 8212, "An Information Security Continuous Monitoring Program Assessment," and the ISCMAx tool that implements the ISCM program assessment described in SP 800-137A.

NIST's NCCoE has published Cybersecurity Practice Guide SP 1800-27, "Securing Property Management Systems."

A new draft NISTIR 8310, "Cybersecurity Framework Election Infrastructure Profile," is available for public comment through May 14, 2021.

Ten finalists are moving to the final round of the Lightweight Cryptography Standardization process.

Version 2 of test Personal Identity Verification (PIV) Cards now available.

Draft NISTIR 8360, "Machine Learning for Access Control Policy Verification," is available for comment through May 7, 2021.

NIST's NCCoE has released Draft SP 1800-22, "Mobile Device Security: Bring Your Own Device (BYOD)." The public comment period is open through May 17, 2021.

Draft NISTIR 8355, "NICE Framework Competencies: Assessing Learners for Cybersecurity Work," is available for comment through May 3, 2021.