News & Updates

NIST is publishing NIST IR 8323r1 (revision 1), Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services. 

The NIST Cybersecurity Framework (CSF) helps organizations better understand, manage, reduce, and communicate cybersecurity risks. NIST is updating the CSF to keep pace with the evolving cybersecurity landscape. 

NIST recognizes the importance of the infrastructure that provides positioning, timing, and navigation (PNT) information to the scientific knowledge, economy, and security of the Nation. This infrastructure consists of three parts: the space segment, the ground segment, and the users of PNT.

NIST is seeking public comments on two draft NIST Internal Reports (NIST IR) for the National Online Informative References (OLIR) Program. 

The NCCoE has released an initial public draft of NIST Interagency Report (IR) 8406, Cybersecurity Framework Profile for Liquefied Natural Gas. The comment period is open through November 17, 2022.

The initial public draft of NIST IR 8323r1, Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services, is available for comment. Public comment period is open through August 12, 2022.

NIST IR 8401, "Satellite Ground Segment: Applying the Cybersecurity Framework to Assure Satellite Command and Control," applies the NIST CSF to the ground segment of space operations. Public comments are due by June 20, 2022.

NIST's NCCoE releases "Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector," NIST Special Publication 1800-10.

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, "Responding to and Recovering from a Cyber Attack: Cybersecurity for the Manufacturing Sector." The public comment period is open through April 28, 2022.

NIST is releasing two guides to address the challenge of ransomware: NISTIR 8374, "Ransomware Risk Management: A Cybersecurity Framework Profile," and a companion quick start guide, "Getting Started with Cybersecurity Risk Management: Ransomware."

NIST is seeking information to assist in evaluating and improving its cybersecurity resources—including the widely-used NIST Cybersecurity Framework (CSF) and a variety of existing and potential standards, guidelines, and other information. Comments are due by April 25, 2022.

NIST has published SP 1800-32, "Securing Distributed Energy Resources: An Example of Industrial Internet of Things Cybersecurity."

NIST has released final IoT-specific guidance (NIST Special Publications 800-213 and 800-213A) to federal organizations to support extending their risk management process to the inclusion of IoT devices in federal systems.

This white paper highlights a recent mapping effort between the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards and the NIST Cybersecurity Framework.

NIST’s National Cybersecurity Center of Excellence (NCCoE) has released a draft of NIST Special Publication (SP) 1800-32, Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources.

The public comment period for Draft NISTIR 8374, "Ransomware Risk Management," is open through October 8, 2021

NIST has published NISTIR 8259B, "IoT Non-Technical Supporting Capability Core Baseline," to complement the technical abilities defined in NISTIR 8259A, "Core Device Cybersecurity Capability Baseline."

NIST's National Cybersecurity Center of Excellence (NCCoE) has released Preliminary Draft NISTIR 8374, "Cybersecurity Framework Profile for Ransomware Risk Management." The public comment period is open through July 9, 2021.

NIST has published a new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)."

A new draft NISTIR 8310, "Cybersecurity Framework Election Infrastructure Profile," is available for public comment through May 14, 2021.

NIST announces the publication of NISTIR 8276, Key Practices in Cyber Supply Chain Risk Management: Observations from Industry.

NIST publishes NISTIR 8323, "Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services," in response to Executive Order 13905 of Feb. 12, 2020.

NIST has issued supplemental materials and errata updates for both SP 800-53 Rev. 5 and SP 800-53B, which were originally published in September 2020. New materials include control mappings and control comparisons. 

NIST's NCCoE is publishing two Cybersecurity Practice Guides for data integrity that address identifying and protecting assets against--and detecting and responding to--ransomware and other destructive events. Special Publications (SP) 1800-25 and 1800-26 are now available.

NIST has published two documents for the National Online Informative References (OLIR) Program, NISTIR 8278 and NISTIR 8278A.