News & Updates

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST IR 8496 for public comment. The comment period closes on January 9, 2024.

The final public draft (fpd) of NIST Special Publication (SP) 800-171r3 (Revision 3) and initial public draft (ipd) of NIST SP 800-171Ar3 (Revision 3) are now available for public review and comment. 

NIST has issued SP 800-53 Release 5.1.1 in the Cybersecurity and Privacy Reference Tool (CPRT).

NIST is issuing one new proposed control and two control enhancements with corresponding assessment procedures for an expedited 2-week public comment period for October 17–31, 2023.

NIST has released the final version of Special Publication (SP) 800-219 Revision 1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Interagency Report (NIST IR) 8406, Cybersecurity Framework Profile for Liquefied Natural Gas (LNG).

The initial public draft (IPD) of NIST Special Publication (SP) 800-171, Revision 3, "Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations," is available for public comment and review through...

NIST requests comments on the initial public draft of Special Publication (SP) 800-219r1, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP).

NIST Interagency Report (IR) 8011, Automation Support for Security Control Assessments, provides guidance on automating the assessment of controls that can be tested.

In July 2022, NIST issued a Pre-Draft Call for Comments on the Controlled Unclassified Information (CUI) series of publications.

The NCCoE has released an initial public draft of NIST Interagency Report (IR) 8406, Cybersecurity Framework Profile for Liquefied Natural Gas. The comment period is open through November 17, 2022.

NIST seeks information for a planned update of the Controlled Unclassified Information series of publications (SP 800-171, -171A, -172, and -172A). The public comment period is open through September 16, 2022.

Participate in the inaugural 30-day comment period for a minor (errata) release of SP 800-53 Rev. 5. Submit your comments on proposed changes through August 12, 2022.

NIST has released the final version of Special Publication (SP) 800-219, Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP). 

NIST Releases Special Publication 800-172A, "Assessment Procedures for Enhanced Security Requirements."

NIST requests comments on Draft Special Publication (SP) 800-219, "Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)." The public comment period closes on March 23, 2022.

A new SP 800-53 controls Public Comment Site is now available for interacting with, downloading, and submitting security and privacy controls, baselines, and assessments.

NIST has released Draft Special Publication (SP) 800-172A, "Assessing Enhanced Security Requirements for Controlled Unclassified Information." Public comments are due June 11, 2021.

NIST Special Publication (SP) 800-53B, "Control Baselines for Information Systems and Organizations," has been published.

NIST has published NISTIR 8183 Revision 1, "Cybersecurity Framework Version 1.1 Manufacturing Profile."

NIST Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," represents a multi-year effort to develop the next generation of controls needed to strengthen and...

NIST has released Draft SP 800-53B, "Control Baselines for Information Systems and Organizations," for public comment. The comment period is open through September 11, 2020.

NIST has published Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems."

NIST has published Volume 4 of NISTIR 8011:  "Automation Support for Security Control Assessments: Software Vulnerability Management."

NIST has released Draft Special Publication (SP) 800-210, "General Access Control Guidance for Cloud Systems," for public comment. The comment period is open through May 15, 2020.