News & Updates

The initial public draft of NIST SP 800-57 Part 1 Revision 6, "Recommendation for Key Management: Part 1– General," is available for public comment through February 5, 2026.

The new enhanced security requirements in SP 800-172r3 support cyber resiliency objectives, focus on protecting CUI, and are consistent with the source controls in SP 800-53r5. SP 800-172Ar3 provides a set of assessment procedures for the enhanced security requirements. Comments are due November 14, 2025.

The NIST National Cybersecurity Center of Excellence (NCCoE) has published an initial public draft of NIST Cybersecurity White Paper (CSWP) 48, "Mappings of Migration to PQC Project Capabilities to Risk Framework Documents." Comments are due October 20, 2025.

NIST has released the initial public draft (ipd) of Special Publication (SP) 800-18r2. The comment period is open through July 30, 2025.

NIST has published the final version of Special Publication (SP) 800-55, Measurement Guide for Information Security, which comprises: SP 800-55 Volume 1 and 2.

The initial public draft (ipd) of NIST Special Publication (SP) 800-172 Revision 3, Enhanced Security Requirements for Protecting Controlled Unclassified Information (CUI), is available for comment. The public comment period is open through January 17, 2025.

NIST Special Publication (SP) Draft 800-55, Measurement Guide for Information Security, Volume 1 — Identifying and Selecting Measures, and Volume 2 — Developing an Information Security Measurement Program, are now available for public review and comment through March 18, 2024.

NIST plans to update Special Publication (SP) 800-100, Information Security Handbook: A Guide for Managers, and is issuing a Pre-Draft Call for Comments to solicit feedback from users. Deadline to submit comments is February 23, 2024.

NIST has released a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems.

The NIST Cybersecurity Risk Analytics Team is hosting a virtual workshop to provide an overview of the proposed changes to Special Publication 800-55, Revision 2, Performance Measurement Guide for Information Security. The workshop will be held on December 13, 2022.

NIST has released a working draft of NIST Special Publication (SP) 800-55 Revision 2, ***Insert Pub Link*** Performance Measurement Guide for Information Security. The deadline to submit comments is February 27, 2023.

NIST is releasing the final public draft of a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems. The public comment period is open through July 8, 2022.

NIST announces the publication of a Cybersecurity White Paper (CSWP), Planning for a Zero Trust Architecture: A Guide for Federal Administrators, which describes processes for migrating to a zero trust architecture using the NIST Risk Management Framework (RMF).

NIST is releasing the draft of a major revision to Special Publication (SP) 800-160 Volume 1, Engineering Trustworthy Secure Systems, which is available for comment through February 25, 2022.

A new draft NIST Cybersecurity White Paper on "Planning for a Zero Trust Architecture" is available for comment through September 3, 2021.

NIST has published SP 800-47 Revision 1, "Managing the Security of Information Exchanges."

NIST has released Draft NISTIR 8344, "Ontology for Authentication," for public comment. Please submit your comments by April 9, 2021.

NIST announces the release of Special Publication (SP) 800-172, "Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171"

Draft NIST SP 800-47 Revision 1, "Managing the Security of Information Exchanges," is now available for public comment through March 12, 2021.

NIST has posted a call for comments on "Performance Measurement Guide for Information Security" (SP 800-55 Rev. 1), with a comment period open through December 10, 2020. A new "Measurements for Information Security" project is also available.

NIST has released Draft SP 800-124 Revision 2, "Guidelines for Managing the Security of Mobile Devices in the Enterprise," for public comment. The comment period ends June 26, 2020.

NIST publishes Special Publication (SP) 800-163 Revision 1, "Vetting the Security of Mobile Applications."

NIST has published an update to its Risk Management Framework specification, in NIST Special Publication (SP) 800-37 Revision 2.

(New comments due date:  February 18, 2019) NIST releases the second draft of SP 800-57 Part 2 Revision 1, Recommendation for Key Management: Best Practices for Key Management Organizations. Public comments are due by February 18, 2019.

NIST invites comments on Draft Special Publication 800-179 Rev. 1, "Guide to Securing macOS 10.12 Systems for IT Professionals: A NIST Security Configuration Checklist." The public comment period is open until November 16, 2018.