Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Projects

Showing 4 matching records.
Cybersecurity Supply Chain Risk Management C-SCRM
Cybersecurity Supply Chain Risk Management (C-SCRM) involves identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of Information Communications Technology and Operational Technology (ICT/OT)  product and service supply chains throughout the entire life cycle of a system (including design, development, distribution, deployment, acquisition, maintenance, and destruction). Examples of risks include insertion of counterfeits, unauthorized...
Multi-Cloud Security Public Working Group MCSPWG
Cloud computing has become the core accelerator of the US Government's digital business transformation. NIST is establishing a Multi-Cloud Security Public Working Group (MCSPWG) to research best practices for securing complex cloud solutions involving multiple service providers and multiple clouds.   The White House Executive Order on Improving the Nation's Cybersecurity highlights that “the Federal Government needs to make bold changes and significant investments in order to defend the vital...
Open Security Controls Assessment Language OSCAL
NIST, in collaboration with the industry, is developing the Open Security Controls Assessment Language (OSCAL), a set of hierarchical, formatted, XML- JSON- and YAML-based formats that provide a standardized representation for different categories of security information pertaining to the publication, implementation, and assessment of security controls. The OSCAL website provides an overview of the OSCAL project, including tutorials, concepts, references, downloads, and much more. OSCAL is...
SP 800-53 Control Overlays for Securing AI Systems COSAiS
Recent Updates August 14, 2025: The NIST SP 800-53 Control Overlays for Securing AI Systems Concept Paper is available for comment, and we welcome stakeholders to join the NIST Overlays Securing AI Systems Slack Collaboration to engage in facilitated discussions with the NIST principal investigators and other subgroup members, share ideas, provide real-time feedback, and contribute to overlay development. Feedback about the concept paper and questions about the development of the...