News & Updates

The National Institute of Standards and Technology Human-Centered Cybersecurity program is pleased to announce the release of the NIST Phish Scale User Guide.  

The final public draft (fpd) of NIST Special Publication (SP) 800-171r3 (Revision 3) and initial public draft (ipd) of NIST SP 800-171Ar3 (Revision 3) are now available for public review and comment. 

Internal and external reporting of security vulnerabilities in software and information systems owned or utilized by the Federal Government is critical to mitigating risk, establishing a robust security posture, and...

NIST Special Publication (SP) 800-124 Revision 2, Guidelines for Managing the Security of Mobile Devices in the Enterprise, assists organizations in managing and securing mobile devices against the ever-evolving threats.

The initial public draft (IPD) of NIST Special Publication (SP) 800-171, Revision 3, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations," is available for public comment and review through...

The initial public draft of NIST AI 100-2 (2003 edition), Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations, is now available for public comment.

NIST Interagency Report (IR) 8011, Automation Support for Security Control Assessments, provides guidance on automating the assessment of controls that can be tested.

In July 2022, NIST issued a Pre-Draft Call for Comments on the Controlled Unclassified Information (CUI) series of publications.

NIST seeks information for a planned update of the Controlled Unclassified Information series of publications (SP 800-171, -171A, -172, and -172A). The public comment period is open through September 16, 2022.

NIST's NCCoE releases "Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector," NIST Special Publication 1800-10.

NIST Releases Special Publication 800-172A, "Assessment Procedures for Enhanced Security Requirements."

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, "Responding to and Recovering from a Cyber Attack: Cybersecurity for the Manufacturing Sector." The public comment period...

NIST is releasing two guides to address the challenge of ransomware: NISTIR 8374, "Ransomware Risk Management: A Cybersecurity Framework Profile," and a companion quick start guide, "Getting Started with Cybersecurity Risk...

NIST has published SP 1800-32, "Securing Distributed Energy Resources: An Example of Industrial Internet of Things Cybersecurity."

NIST announces the release of a major update to Special Publication (SP) 800-160 Volume 2, Revision 1, "Developing Cyber-Resilient Systems: A Systems Security Engineering Approach."

NIST’s National Cybersecurity Center of Excellence (NCCoE) has released a draft of NIST Special Publication (SP) 1800-32, Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources.

The public comment period for Draft NISTIR 8374, "Ransomware Risk Management," is open through October 8, 2021

A public comment period is open through September 20, 2021, for Draft Special Publication 800-160 Volume 2, Revision 1, "Developing Cyber-Resilient Systems: A Systems Security Engineering Approach."

NIST's National Cybersecurity Center of Excellence (NCCoE) has released Preliminary Draft NISTIR 8374, "Cybersecurity Framework Profile for Ransomware Risk Management." The public comment period is open through July 9, 2021.

NIST has published a new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage...

NIST's NCCoE has published Cybersecurity Practice Guide SP 1800-27, "Securing Property Management Systems."

The NCCoE is requesting comments on a new Draft Project Description, "Addressing Visibility Challenges with TLS 1.3." Public comments may be submitted through March 29, 2021.

NIST announces the release of Special Publication (SP) 800-172, "Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171"

NIST's NCCoE is publishing two Cybersecurity Practice Guides for data integrity that address identifying and protecting assets against--and detecting and responding to--ransomware and other destructive events. Special...

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.