Use this form to search content on CSRC pages.
Type: Presentation
The Commission on Enhancing National Cybersecurity requests information about current and future states of cybersecurity in the digital economy.
Abstract: Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry out responsibilities under this law. The prim...
Abstract: For many organizations, their employees, contractors, business partners, vendors, and/or others use enterprise telework or remote access technologies to perform work from external locations. All components of these technologies, including organization-issued and bring your own device (BYOD) client d...
Abstract: Many people telework, and they use a variety of devices, such as desktop and laptop computers, smartphones, and tablets, to read and send email, access websites, review and edit documents, and perform many other tasks. Each telework device is controlled by the organization, a third party (such as th...
Abstract: There is a need for cybersecurity capabilities and features to protect the Nationwide Public Safety Broadband Network (NPSBN). However, cybersecurity requirements should not compromise the ability of first responders to complete their missions. In addition, the diversity of public safety disciplines...
The Commission on Enhancing National Cybersecurity will meet Tuesday, August 23, 2016, from 9:00 a.m. until 5:00 p.m. Central Time at the University of Minnesota's TCF Bank Stadium-DQ Club Room.
The Commission on Enhancing National Cybersecurity will meet Thursday, July 14, 2016, from 9:00 a.m. until 5:00 p.m. Central Time at the Hilton University of Houston. The primary purpose of the meeting is to discuss the challenges and opportunities facing cybersecurity for critical infrastructure, as well as State and local governments and cybersecurity. In particular, the meeting will address: (1) Current and future effects of critical infrastructure on the digital economy; (2) critical infrastructure cybersecurity challenges affecting the digital economy; and (3) cybersecurity challenges and...
The Commission on Enhancing National Cybersecurity will meet Thursday, July 14, 2016, from 9:00 a.m. until 5:00 p.m. Central Time at the Hilton University of Houston.
Journal: Computer (IEEE Computer) Abstract: Metamorphic testing (MT) can enhance security testing by providing an alternative to using a test oracle, which is often unavailable or impractical. The authors report how MT detected previously unknown bugs in real-world critical applications such as code obfuscators, giving evidence that software...
NIST published a summary of observations from Cybersecurity Framework Workshop 2016 held at NIST in Gaithersburg, Maryland on 6 and 7 April 2016. The summary highlights areas of agreement between workshop participants and respondents to the most recent request for information (RFI),...
NIST is proud to announce the release of Draft Special Publication 800-184, Guide for Cybersecurity Event Recovery. The purpose of this document is to support federal agencies in a technology-neutral way in improving their cyber event recovery plans, processes, and procedures...
The Commission on Enhancing National Cybersecurity will meet Tuesday, June 21, 2016, from 8:30 a.m. until 5:00 p.m. Pacific Time at the University of California, Berkeley in the Chevron Auditorium at the International House.
The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for the Data Integrity Building Block.
Abstract: The Association of Public-Safety Communications (APCO), in cooperation with FirstNet and the Department of Commerce held a half-day workshop on June 2nd 2015 titled “Identifying and Categorizing Data Types for Public Safety Mobile Applications.” The goal of this workshop was to begin identifying dif...
Journal: Computer (IEEE Computer) Abstract: We asked 7 experts 1 simple question to find out what has occurred recently in terms of applying formal methods (FM) to security-centric, cyber problems: Please summarize in a paragraph the state of the research and practitioner communities in formal method as you see it. Please include standards, c...
Abstract: This bulletin focuses on NIST's combinatorial testing work. Combinatorial testing is a proven method for more effective software testing at lower cost. The key insight underlying combinatorial testing's effectiveness resulted from a series of studies by NIST from 1999 to 2004. NIST research showed...
Abstract: As a result of payment card industry standards and a strong understanding of the value of valid credit card information in the black market, the retail industry has already invested in security mechanisms to protect credit card data, also referred to as cardholder data. However, this cardholder data...
Abstract: Threats of destructive malware, malicious insider activity, and even honest mistakes create the imperative for organizations to be able to quickly recover from an event that alters or destroys any form of data (database records, system files, configurations, user files, application code, etc.). Orga...
The Commission on Enhancing National Cybersecurity (the “Commission”) will meet Monday, May 16, 2016, from 9:00 a.m. until 4:00 p.m. Eastern Time in Vanderbilt Hall at the New York University (NYU) School of Law
A new chair, Christopher Boyer, was appointed to the National Institute of Standards and Technology (NIST) Information Security and Privacy Advisory Board (ISPAB). ...
NIST is pleased to announce the release of NIST Interagency Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. This report provides an overview of the capabilities and usage of Software Identification (SWID)...
NIST requests comments on the Second Draft of Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing. This draft provides guidelines for establishing, participating in, and maintaining cyber threat information sharing relationships...
Abstract: The Cybersecurity Strategy and Implementation Plan (CSIP), published by the Office of Management and Budget (OMB) on October 30, 2015, requires that federal agencies use Personal Identity Verification (PIV) credentials for authenticating privileged users. This will greatly reduce unauthorized access...
NIST requests comments on Draft NIST Internal Report (NISTIR) 8071, LTE Architecture Overview and Security Analysis. Cellular technology plays an increasingly large role in society as it has become the primary portal to the Internet for a large segment of the population. ...