Network-layer onboarding of an Internet of Things (IoT) device is the provisioning of network credentials to that device. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to b...

Organizations throughout the world face the challenge of identifying trustworthy computing devices to function daily. Cyber supply chains are constantly at risk of compromise, whether intentional or unintentional. Once a supply chain has been compromised, the security of that device may no longer be...

Many organizations now support their employees' use of personal mobile devices to remotely perform work-related activities. This increasingly common practice, known as BYOD (Bring Your Own Device), provides employees with increased flexibility to telework and access organizational information resour...

The National Initiative for Cybersecurity Education (NICE) has released draft supplemental content to the Workforce Framework for Cybersecurity (NICE Framework). Draft NISTIR 8355, NICE Framework Competencies: Assessing Learners for Cybersecurity Work, elaborates on Competencies, which were re-intro...

Access control policy verification ensures that there are no faults within the policy that leak or block access privileges. To answer the challenges of traditional verification methods, this report proposes an efficient and straightforward method for access control policy verification by applying a...

To help secure our elections, NIST has released Draft NISTIR 8310, Cybersecurity Framework Election Infrastructure Profile. This Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to election infrastructure. The Profile is meant to supplem...