News & Updates

The NCCoE is requesting comments on a new Draft Project Description, "Addressing Visibility Challenges with TLS 1.3." Public comments may be submitted through March 29, 2021.

NIST announces the release of Special Publication (SP) 800-172, "Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171"

NIST's NCCoE is publishing two Cybersecurity Practice Guides for data integrity that address identifying and protecting assets against--and detecting and responding to--ransomware and other destructive events. Special Publications (SP) 1800-25 and 1800-26 are now available.

NIST SP 800-209, "Security Guidelines for Storage Infrastructure," has been published.

NIST Technical Note (TN) 2111, "An Empirical Study on Flow-based Botnet Attacks Prediction," is now available. 

NIST's NCCoE has posted a draft paper, "Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides. The public comment period is open through November 13, 2020.

NIST has published Special Publication (SP) 1800-11, "Data Integrity: Recovering from Ransomware and Other Destructive Events."

NIST has released the final public draft of NIST Cybersecurity Practice Guide SP 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)." The comment period closes October 16, 2020.

The National Cybersecurity Center of Excellence has released Draft NIST Cybersecurity Practice Guide (SP 1800-27), "Securing Property Management Systems," for public comment. The comment period closes on October 28, 2020.

NIST has released a final public draft for comment: Draft Special Publication (SP) 800-172. The comment period ends on August 21, 2020.

NIST has released Draft SP 800-124 Revision 2, "Guidelines for Managing the Security of Mobile Devices in the Enterprise," for public comment. The comment period ends June 26, 2020.

NIST has released a second public draft of Special Publication 800-189, "Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation." The public comment period closes November 15, 2019.

NIST has released the Final Public Draft of Special Publication (SP) 800-160 Volume 2, "Developing Cyber Resilient Systems: A Systems Security Engineering Approach." Public comment are due by November 1, 2019.

NIST has published NIST SP 800-204, Security Strategies for Microservices-based Application Systems.

The NCCoE at NIST has posted to data confidentiality draft project descriptions for public comment. Comments are due by July 29, 2019.

NIST has released two draft publications for comment: SP 800-171 Rev. 2 and SP 800-171B. The comment period for both drafts ends on July 19, 2019.

The NCCoE has posted two draft Project Descriptions for public comment. Detecting and protecting against data integrity attacks in industrial control systems (ICS) closes July 25th. Continuous Monitoring (for small and medium businesses) is closes on July 26th.

The NCCoE has release a preliminary draft of Special Publication (SP) 1800-15 for public comment. Comments are due by June 24, 2019.

NIST is releasing Draft Special Publication (SP) 800-204, "Security Strategies for Microservices-based Application Systems." Public comments are due by April 26, 2019.

(New comments due date:  March 15, 2019) Draft Special Publication 800-189, "Secure Interdomain Traffic Exchange: BGP Robustness and DDoS Mitigation," is now available for comment. The deadline for submitting comments is March 15, 2019.

NIST's NCCoE has released Draft NIST Internal Report (NISTIR) 8219, "Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection." Public comments may be submitted until December 6, 2018.

Ensuring the Security of Virtualized Server Platforms Against Potential Threats: NIST Releases Draft Special Publication 800-125A Revision 1, Security Recommendations for Server-based Hypervisor Platforms

NIST is releasing NIST Internal Report (NISTIR) 8179, Criticality Analysis Process Model: Prioritizing Systems and Components, to help organizations identify those systems and components that are most vital and which may need additional security or other protections.

The United States continues to have complete dependence on information technology deployed in critical infrastructure systems and applications in both the....

1st draft of Botnet report out for comment