News & Updates

NIST has published an update to its Risk Management Framework specification, in NIST Special Publication (SP) 800-37 Revision 2.

NIST has published NISTIR 8011 Volume 3, "Automation Support for Security Control Assessments: Software Asset Management."

The final public draft of NIST SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations--A System Life Cycle Approach for Security and Privacy, is now available. The public comment period closes October 31, 2018.

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.

NIST has published NIST Internal Report (NISTIR) 7511 Revision 5, Security Content Automation Protocol (SCAP) Version 1.3 Validation Program Test Requirements.

NIST has updated the federal agency organizational codes specified in Special Publication (SP) 800-87, Codes for the Identification of Federal and Federally-Assisted Organizations. The changes included in this update, Revision 2, are summarized in the revision history in Appendix A.

Ensuring the Security of Virtualized Server Platforms Against Potential Threats: NIST Releases Draft Special Publication 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms

When software programs in a network are unmanaged, or unidentified, they are vulnerable to attacks, and.....

The Information Security and Privacy Advisory Board (ISPAB) will meet Thursday, March 15, 2018 from 9:00 a.m. until 5:00 p.m., Eastern Time, and Friday, March 16, 2018 from 9:00 a.m. until 4:30 p.m. Eastern Time. All sessions will be open to the public....

NIST announces the release of Draft NISTIR 7511 Revision 5.  This draft NISTIR has been updated.....

1st draft of Botnet report out for comment

The Information Security and Privacy Advisory Board (ISPAB) will meet October 25-27, 2017. All sessions will be open to the public.

NIST Announces the Release of a Discussion Draft of Special Publication (SP) 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy

NIST Releases the Initial Public Draft of Special Publication 800-53, Revision 5, Security and Privacy Controls for Information Systems and Organizations.

NIST requests public comments on the release of Draft Special Publication (SP) 800-70 Revision 4, National Checklist Program for IT Products: Guidelines for Checklist Users and Developers. 

This draft white paper is a best practices guide. The paper is in response to the Cybersecurity Strategy and Implementation Plan (CSIP), published by the Office of Management and Budget (OMB) ...

NIST announces the release of an Errata Update for Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations. This update contains new mapping tables for ISO/IEC 27001: 2013

NIST announces the release of Draft Special Publication 800-53, Revision 4, Appendix H, International Information Security Standards, Security Control Mappings for ISO/IEC 27001: 2013. (NOTE: This draft Appendix H for SP 800-53 Revision 4 ...

NIST announces the release of Special Publication 800-82, Revision 2, Guide to Industrial Control System (ICS) Security. Special Publication 800-82 provides guidance on how to improve the security in Industrial Control Systems (ICS), ...

NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations

The NIST Computer Security Division is pleased to release the Revised Draft Federal Information Processing Standard (FIPS) 201-2, Personal Identity Verification of Federal Employees and Contractors. The Revised Draft FIPS 201-2 reflects the disposition of comments ...

NIST announces the public comment release of Draft NIST Interagency Report (NISTIR) 7848, Specification for the Asset Summary Reporting Format 1.0. NISTIR 7848 defines the Asset Summary Reporting (ASR) format version 1.0, a data model for expressing the data ...

NIST announces the final release of Special Publication (SP) 800-153, Guidelines for Securing Wireless Local Area Networks (WLANs). The purpose of this publication is to provide organizations with recommendations for improving the security configuration and monitoring ...