News & Updates

NIST has released three self-guided online introductory courses on the NIST Special Publication (SP) 800-53 security and privacy control catalog.

NIST has released Cybersecurity White Paper (CSWP) 30, Automation Support for Control Assessments – Project Update and Vision, which describes planned updates to the NIST Interagency Report (IR) 8011 series.

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST IR 8496 for public comment. The comment period closes on January 9, 2024.

The final public draft (fpd) of NIST Special Publication (SP) 800-171r3 (Revision 3) and initial public draft (ipd) of NIST SP 800-171Ar3 (Revision 3) are now available for public review. The comment period is open through January 26, 2024.

NIST has issued SP 800-53 Release 5.1.1 in the Cybersecurity and Privacy Reference Tool (CPRT).

NIST is issuing one new proposed control and two control enhancements with corresponding assessment procedures for an expedited 2-week public comment period for October 17–31, 2023.

NIST has released the initial public draft (ipd) of a new report for public comment: NIST Internal Report (IR) 8477 ipd, Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines: Developing Cybersecurity and Privacy Concept Mappings.

NIST has released the final version of Special Publication (SP) 800-219 Revision 1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Interagency Report (NIST IR) 8406, Cybersecurity Framework Profile for Liquefied Natural Gas (LNG).

The initial public draft (IPD) of NIST Special Publication (SP) 800-171, Revision 3, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations," is available for public comment and review through July 14, 2023.

NIST requests comments on the initial public draft of Special Publication (SP) 800-219r1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

NIST Interagency Report (IR) 8011, Automation Support for Security Control Assessments, provides guidance on automating the assessment of controls that can be tested.

NIST is seeking public comments on two draft NIST Internal Reports (NIST IR) for the National Online Informative References (OLIR) Program. 

In July 2022, NIST issued a Pre-Draft Call for Comments on the Controlled Unclassified Information (CUI) series of publications.

The NCCoE has released an initial public draft of NIST Interagency Report (IR) 8406, Cybersecurity Framework Profile for Liquefied Natural Gas. The comment period is open through November 17, 2022.

NIST seeks information for a planned update of the Controlled Unclassified Information series of publications (SP 800-171, -171A, -172, and -172A). The public comment period is open through September 16, 2022.

Participate in the inaugural 30-day comment period for a minor (errata) release of SP 800-53 Rev. 5. Submit your comments on proposed changes through August 12, 2022.

NIST has released the final version of Special Publication (SP) 800-219, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP). 

NIST Releases Special Publication 800-172A, "Assessment Procedures for Enhanced Security Requirements."

NIST requests comments on Draft Special Publication (SP) 800-219, "Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)." The public comment period closes on March 23, 2022.

NIST has released Special Publication (SP) 800-53A Revision 5, "Assessing Security and Privacy Controls in Information Systems and Organizations."

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Secure IPv6-Only Implementation in the Enterprise.

A new SP 800-53 controls Public Comment Site is now available for interacting with, downloading, and submitting security and privacy controls, baselines, and assessments.

The NCCoE has released a Draft Project Description on "Mitigating Cybersecurity Risk in Telehealth Smart Home Integration." The public comment period is open through October 4, 2021.

Draft NIST Special Publication 800-53A Revision 5, "Assessing Security and Privacy Controls in Information Systems and Organizations," is available for comment through October 1, 2021.