You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Here’s how you know
Official websites use .gov A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
NIST announces the release of Special Publication (SP) 800-172, "Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171"
A new NIST Cybersecurity Practice Guide, NIST SP 1800-24, is now available: "Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector."
Four draft guidance documents on defining IoT cybersecurity requirements--for federal agencies and IoT device manufacturers--are now available for comment through February 26, 2021: Draft SP 800-213 and Draft NISTIRs 8259B/C/D.
A new publication formalizes the Common Vulnerabilities and Exposures (CVE) entry metadata submission process that's used in conjunction with the National Vulnerability Database (NVD).
NIST has issued supplemental materials and errata updates for both SP 800-53 Rev. 5 and SP 800-53B, which were originally published in September 2020. New materials include control mappings and control comparisons.
NIST's National Initiative for Cybersecurity Education (NICE) has released an update of its Workforce Framework for Cybersecurity (NICE Framework) in Special Publication 800-181 Revision 1.
Draft FIPS 201-3, "Personal Identity Verification (PIV) of Federal Employees and Contractors," is now available for public comment through February 1, 2021.
Draft NISTIR 8212, "ISCMA: An Information Security Continuous Monitoring Program Assessment," is available for public comment through November 13, 2020.
NIST has posted a call for comments on "Performance Measurement Guide for Information Security" (SP 800-55 Rev. 1), with a comment period open through December 10, 2020. A new "Measurements for Information Security" project is also available.
NIST Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," represents a multi-year effort to develop the next generation of controls needed to strengthen and support the Federal Government and critical infrastructure sectors.
NIST has released the final public draft of NIST Cybersecurity Practice Guide SP 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)." The comment period closes October 16, 2020.
The National Cybersecurity Center of Excellence has released Draft NIST Cybersecurity Practice Guide (SP 1800-27), "Securing Property Management Systems," for public comment. The comment period closes on October 28, 2020.
A preliminary draft of Volume A of SP 1800-31A, "Improving Enterprise Patching for General IT Systems," is available for comment through October 9, 2020.
A draft white paper, "Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management," is available for comment through October 8, 2020.
NIST has released two draft NISTIRs for the National Cybersecurity Online Informative References (OLIR) Program: Draft (2nd) NISTIR 8278 and Draft NISTIR 8278A. The comment period for each publication closes September 4, 2020.
NIST has released Draft SP 800-53B, "Control Baselines for Information Systems and Organizations," for public comment. The comment period is open through September 11, 2020.
NIST has released Draft Special Publication (SP) 800-209, "Security Guidelines for Storage Infrastructure," for public comment. The comment period is open through August 31, 2020.