News & Updates

As part of ongoing efforts to strengthen protections for securing controlled unclassified information (CUI) in nonfederal systems, NIST has released SP 800-172r3, Enhanced Security Requirements for Protecting Controlled Unclassified Information, and SP 800-172Ar3, Assessing Enhanced Security Requirements for Controlled Unclassified Information

The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Cybersecurity White Paper (CSWP) 34, Mitigating Cybersecurity and Privacy Risks in Telehealth Smart Home Integration.

NIST Releases Two Updated Security Content Automation Protocol (SCAP)  Publications for Comment

The new enhanced security requirements in SP 800-172r3 support cyber resiliency objectives, focus on protecting CUI, and are consistent with the source controls in SP 800-53r5. SP 800-172Ar3 provides a set of assessment procedures for the enhanced security requirements. Comments are due November 14, 2025.

NIST has released Special Publication (SP) 800-88r2 (Revision 2), Guidelines for Media Sanitization.

The initial public draft (ipd) of NIST Special Publication (SP) 800-88r2 (Revision 2), Guidelines for Media Sanitization. The public comment period is open through August 29, 2025.

NIST Publishes NIST IR 8562, the Summary Report for "Workshop on Updating Manufacturer Guidance for Securable Connected Product Development"

NIST has published Internal Report (IR) 8356, Security and Trust Considerations for Digital Twin Technology

The initial public draft (ipd) of NIST Special Publication (SP) 800-172 Revision 3, Enhanced Security Requirements for Protecting Controlled Unclassified Information (CUI), is available for comment. The public comment period is open through January 17, 2025.

The Initial Public Draft for SP 1326, NIST Cybersecurity Supply Chain Risk Management: Due Diligence Assessment Quick-Start Guide; is available for public comment. The public comment period is open through December 16, 2024.

NIST has published the final versions of Special Publication (SP) 800-171r3 (Revision 3), Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, and SP 800-171Ar3, Assessing Security Requirements for Controlled Unclassified Information.

The initial public draft of Special Publication (SP) 800-61r3 (Revision 3), "Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile," is available for public comment, with comments due by May 20, 2024.

NIST Special Publication (SP) 800-124 Revision 2, Guidelines for Managing the Security of Mobile Devices in the Enterprise, assists organizations in managing and securing mobile devices against the ever-evolving threats.

NIST has released a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems.

NIST is releasing the final public draft of a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems. The public comment period is open through July 8, 2022.

NIST has released the initial public draft of NIST Special Publication (SP) 800-82r3, Guide to Operational Technology (OT) Security, which provides guidance on how to improve the security of OT systems.  The deadline to submit comments is July 1, 2022.

NIST has published NIST Internal Report (NISTIR) 8419, Blockchain and Related Technologies to Support Manufacturing Supply Chain Traceability: Needs and Industry Perspectives.

NIST is releasing the draft of a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems, which is available for comment through February 25, 2022.

NIST announces the release of a major update to Special Publication (SP) 800-160 Volume 2, Revision 1, "Developing Cyber-Resilient Systems: A Systems Security Engineering Approach."

The NCCoE has released a Draft Project Description on "Mitigating Cybersecurity Risk in Telehealth Smart Home Integration." The public comment period is open through October 4, 2021.

A public comment period is open through September 20, 2021, for Draft Special Publication 800-160 Volume 2, Revision 1, "Developing Cyber-Resilient Systems: A Systems Security Engineering Approach."

NIST has published SP 800-47 Revision 1, "Managing the Security of Information Exchanges."

Draft NISTIR 8356, "Considerations for Digital Twin Technology and Emerging Standards," is now available for public comment through June 16, 2021.

NIST has published NISTIR 8212, "An Information Security Continuous Monitoring Program Assessment," and the ISCMAx tool that implements the ISCM program assessment described in SP 800-137A.

NIST's NCCoE has released Draft SP 1800-22, "Mobile Device Security: Bring Your Own Device (BYOD)." The public comment period is open through May 17, 2021.