News & Updates

The public comment period for Draft NISTIR 8286B, "Prioritizing Cybersecurity Risk for Enterprise Risk Management," is open through October 15, 2021.

A new draft NIST Cybersecurity White Paper on "Planning for a Zero Trust Architecture" is available for comment through September 3, 2021.

A second public draft of NISTIR 8286A is available: "Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management." The comment period is open through August 6, 2021.

NIST's NCCoE has released Draft SP 1800-22, "Mobile Device Security: Bring Your Own Device (BYOD)." The public comment period is open through May 17, 2021.

The NCCoE is requesting comments on a new Draft Project Description, "Addressing Visibility Challenges with TLS 1.3." Public comments may be submitted through March 29, 2021.

Draft NISTIR 8286A, "Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management," is available for comment through February 1, 2021.

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.

NISTIR 8286, "Integrating Cybersecurity and Enterprise Risk Management (ERM)," is now available.

NIST has published Special Publication (SP) 1800-11, "Data Integrity: Recovering from Ransomware and Other Destructive Events."

The NIST Cybersecurity Practice Guide on "Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)" has been published as SP 1800-21.

NIST requests review and comments on Special Publication (SP) 800-46 Revision 2, "Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security." The comment period is open through October 30, 2020.

A preliminary draft of Volume A of SP 1800-31A, "Improving Enterprise Patching for General IT Systems," is available for comment through October 9, 2020.

NIST publishes Special Publication (SP) 800-207, "Zero Trust Architecture."

NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment.  The comment period is open through August 31, 2020.

NIST is requesting comments on the Second Draft of NISTIR 8286, "Integrating Cybersecurity and Enterprise Risk Management (ERM)." The public comment period closes August 21, 2020.

NIST has released Draft SP 800-124 Revision 2, "Guidelines for Managing the Security of Mobile Devices in the Enterprise," for public comment. The comment period ends June 26, 2020.

NIST has published a new ITL Bulletin (March 2020) that addresses enterprise security solutions for telework, remote access, and BYOD. Also, a new Telework Cybersecurity summary is available on the CSRC homepage and will be updated as new resources are added for organizations and teleworkers. 

NIST is requesting comments on Draft NISTIR 8286, "Integrating Cybersecurity and Enterprise Risk Management (ERM)." The public comment period closes April 20, 2020.

NIST has released Draft Special Publication (SP) 800-207, Zero Trust Architecture. Public comments are due by November 22, 2019.

NIST seeks comments on the Preliminary Draft of the "NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management." The comment period closes October 24, 2019.

The NCCoE has released Draft SP 1800-21, "Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)," for public comment. The comment period ends September 23, 2019.

NIST is soliciting public comments on the development of a new NIST Privacy Framework: An Enterprise Risk Management Tool. Comments are due December 31, 2018.