U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Computer Security Resource Center

Computer Security Resource Center

News & Updates

Showing 14 matching records.
NISTIR 8212: ISCM Program Assessment and Tool
March 31, 2021

NIST has published NISTIR 8212, "An Information Security Continuous Monitoring Program Assessment," and the ISCMAx tool that implements the ISCM program assessment described in SP 800-137A.

NIST Publishes SP 800-172
February 2, 2021

NIST announces the release of Special Publication (SP) 800-172, "Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171"

Draft NIST SP 800-47 Rev. 1 Available for Comment
January 26, 2021

Draft NIST SP 800-47 Revision 1, "Managing the Security of Information Exchanges," is now available for public comment through March 12, 2021.

ISCMA Draft NISTIR 8212 Available for Comment
October 1, 2020

Draft NISTIR 8212, "ISCMA: An Information Security Continuous Monitoring Program Assessment," is available for public comment through November 13, 2020.

Assessing ISCM Programs: NIST SP 800-137A
May 21, 2020

NIST has published Special Publication (SP) 800-137A, "Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment."

NIST Publishes NISTIR 8011 Vol. 4
April 28, 2020

NIST has published Volume 4 of NISTIR 8011:  "Automation Support for Security Control Assessments: Software Vulnerability Management."

NIST Updates SP 800-128
October 15, 2019

NIST has updated Special Publication (SP) 800-128, "Guide for Security-Focused Configuration Management of Information Systems"

NIST Releases Draft SP 1800-23 for Comment
September 23, 2019

The NCCoE has released Draft SP 1800-23, "Energy Sector Asset Management," for public comment. The comment period ends November 25, 2019.

NCCoE Releases Data Confidentiality Draft Project Descriptions
June 24, 2019

The NCCoE at NIST has posted to data confidentiality draft project descriptions for public comment. Comments are due by July 29, 2019.

NCCoE Draft Project Descriptions for SMBs and Manufacturing
June 17, 2019

The NCCoE has posted two draft Project Descriptions for public comment. Detecting and protecting against data integrity attacks in industrial control systems (ICS) closes July 25th. Continuous Monitoring (for small and medium...

RMF Update: NIST Publishes SP 800-37 Rev. 2
December 20, 2018

NIST has published an update to its Risk Management Framework specification, in NIST Special Publication (SP) 800-37 Revision 2.

NCCoE Releases Draft NISTIR 8219 for Comment
November 7, 2018

NIST's NCCoE has released Draft NIST Internal Report (NISTIR) 8219, "Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection." Public comments may be submitted until December 6, 2018.

Final Public Draft SP 800-37 Rev 2 Available for Comment
October 2, 2018

The final public draft of NIST SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations--A System Life Cycle Approach for Security and Privacy, is now available. The public comment period...

NIST Releases Draft SP 800-37 Rev 2
May 9, 2018

The initial public draft of SP 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations, is available for public comment until June 22, 2018.