Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

News & Updates

Showing 1 through 25 of 173 matching records.
October 7, 2024

Initial Public Draft (IPD) NIST IR 8480, Attribute Validation Services for Identity Management, is available for public comment through Monday, December 2, 2024.

April 10, 2024

NIST has released three self-guided online introductory courses on the NIST Special Publication (SP) 800-53 security and privacy control catalog.

February 12, 2024

NIST is releasing Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines.

February 9, 2024

NIST has published Special Publication (SP) 800-223, High-Performance Computing Security: Architecture, Threat Analysis, and Security Posture.

January 17, 2024

NIST Special Publication (SP) Draft 800-55, Measurement Guide for Information Security, Volume 1 — Identifying and Selecting Measures, and Volume 2 — Developing an Information Security Measurement Program, are now available for public review and comment through March 18, 2024.

January 9, 2024

NIST plans to update Special Publication (SP) 800-100, Information Security Handbook: A Guide for Managers, and is issuing a Pre-Draft Call for Comments to solicit feedback from users. Deadline to submit comments is February 23, 2024.

December 13, 2023

The initial public draft (ipd) of SP 800-79r3 (Revision 3), Guidelines for the Authorization of PIV Card and Derived PIV Credential Issuers, provides appropriate and useful guidelines for assessing the reliability of PIV Card and derived PIV credential issuers. Comment deadline is January 29, 2024.

December 6, 2023

NIST has released Cybersecurity White Paper (CSWP) 30, Automation Support for Control Assessments – Project Update and Vision, which describes planned updates to the NIST Interagency Report (IR) 8011 series.

November 15, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST IR 8496 for public comment. The comment period closes on January 9, 2024.

November 9, 2023

The final public draft (fpd) of NIST Special Publication (SP) 800-171r3 (Revision 3) and initial public draft (ipd) of NIST SP 800-171Ar3 (Revision 3) are now available for public review. The comment period is open through January 26, 2024.

November 7, 2023

NIST has issued SP 800-53 Release 5.1.1 in the Cybersecurity and Privacy Reference Tool (CPRT).

October 17, 2023

NIST is issuing one new proposed control and two control enhancements with corresponding assessment procedures for an expedited 2-week public comment period for October 17–31, 2023.

October 11, 2023

NIST has released the initial public draft of Special Publication (SP) 800-92r1 (Revision 1), Cybersecurity Log Management Planning Guide, for public comment. The comment period closes on November 29, 2023.

September 28, 2023

NIST has published "Special Publication (SP) 800-82r3 (Revision 3), Guide to Operational Technology (OT) Security", which provides guidance on how to improve the security of OT systems while addressing their unique performance, reliability, and safety requirements.

September 27, 2023

Two PIV publications are being revised: "Interfaces for Personal Identity Verification" (SP 800-73-5, 3 parts), and "Cryptographic Algorithms and Key Sizes for Personal Identity Verification" (SP 800-78-5). Submit your public comments through December 8, 2023.

September 26, 2023

The NCCoE has released the second preliminary drafts of NIST SP 1800-36, Vols. A and D, “Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management.” The comment period is open now through November 10, 2023.

August 30, 2023

The initial public draft (ipd) of NIST Special Publication (SP) 800-204D, Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines, is now available for public comment.

August 28, 2023

Draft NIST Special Publication (SP) 800-50r1 (Revision 1), Building a Cybersecurity and Privacy Learning Program, is now available for public comment. The comment period closes on October 27, 2023.

August 17, 2023

NIST has released the initial public draft (ipd) of a new report for public comment: NIST Internal Report (IR) 8477 ipd, Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines: Developing Cybersecurity and Privacy Concept Mappings.

July 20, 2023

NIST has released the final version of Special Publication (SP) 800-219 Revision 1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

June 21, 2023

NIST Internal Report (NIST IR) 8355, NICE Framework Competencies: Preparing a Job-Ready Cybersecurity Workforce, has been published. This publication describes Competency Areas as included in the NICE Framework, providing information on how Competency Areas are defined and how they can be used.

June 20, 2023
Federal Register Number: 2023-13043

The National Cybersecurity Center of Excellence (NCCoE) has released the final project description, "Cybersecurity for the Water and Wastewater Sector: A Practical Reference Design for Mitigating Cyber Risk in Water and Wastewater Systems." The NCCoE is now calling for project collaborators.

June 15, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released for public comment a draft of NIST Internal Report (NISTIR) 8467, Cybersecurity Framework Profile for Genomic Data. The comment period is now open through July 17, 2023.

June 7, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary practice guide, Automation of the NIST Cryptographic Module Validation Programfor public comment through July 25, 2023.  

May 17, 2023

NIST Special Publication (SP) 800-124 Revision 2, Guidelines for Managing the Security of Mobile Devices in the Enterprise, assists organizations in managing and securing mobile devices against the ever-evolving threats.

1     2     3     4     5     6     7  next >  last >>