Links to keynote presentations on Emerging Risk Management and Cyber Security Strategies are available at
The National Institute of Standards and Technology (NIST) Information Technology Laboratory (ITL) invites interested U.S. companies to submit letters of interest in…
(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes SP 800-53 Rev. 4, Security and Privacy Controls for Federal Information Systems and Organizations Ron Ross, NIST Fellow, Computer Security Division, NIST Dom Cussatt, Senior Policy Advisor, U.S. Department of Defense Greg Hall, Identity Management Program Manager, ODNI/CIO Tim Ruland, Chief IT Security Officer, U.S. Census Bureau OIG Perspectives on Cloud Computing and FISMA (OIG Panel) Gale Stone, (Moderator), Deputy Assistant Inspector General for Audit, SSA Dr. Brett M. Baker, Assistant IG for...
Abstract: This bulletin summarizes the information that is included in NIST Special Publication (SP) 800-61 Revision 2, Computer Security Incident Handling Guide. This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effe...
Abstract: The purpose of this document is to provide Federal agencies with background information on access control (AC) properties, and to help access control experts improve their evaluation of the highest security AC systems. This document discusses the administration, enforcement, performance, and support...
Type: Presentation
Abstract: This bulletin summarizes the information that is included in NIST Special Publication (SP) 121, Revision 1, Guide to Bluetooth Security: Recommendations of the National Institute of Standards and Technology. This guide was revised by John Padgette of Accenture, Karen Scarfone of Scarfone Cybersecuri...
Presentations & Speakers at a Glance: Electricity Subsector Cybersecurity Risk Management Process, Marianne Swanson, NIST, Scott Saunders, Sacramento Municipal Utility District, Matthew Light, NERC; and PIV Implementation, Derek Wood, U.S. Treasury. NOTE: FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS. REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP. SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT. The Federal Computer Security Program Managers Forum (the...
Abstract: Computer security incident response has become an important component of information technology (IT) programs. Because performing incident response effectively is a complex undertaking, establishing a successful incident response capability requires substantial planning and resources. This publicati...
Journal: FedTech Magazine Abstract: Recently, NIST completed a fundamental transformation of the traditional certification and accreditation process into a comprehensive, near real-time, security life cycle process as part of a Risk Management Framework (RMF). The RMF, described in NIST Special Publication 800-37, provides a dynamic,...
Abstract: The Common Misuse Scoring System (CMSS) is a set of measures of the severity of software feature misuse vulnerabilities. A software feature is a functional capability provided by software. A software feature misuse vulnerability is a vulnerability in which the feature also provides an avenue to comp...
Abstract: Bluetooth is an open standard for short-range radio frequency communication. Bluetooth technology is used primarily to establish wireless personal area networks (WPANs), and it has been integrated into many types of business and consumer devices. This publication provides information on the security...
NIST is hosting the National Cybersecurity Center of Excellence (NCCoE) Workshop on June 26, 2012 to introduce the Center to the public. The Center plans to bring together industry, government and business communities to address present-day cybersecurity challenges, ...
Journal: IEEE Security & Privacy Abstract: The National Initiative for Cybersecurity Education (NICE) aims to create an operational, sustainable, and continually improving program for cybersecurity awareness, education, training, and workforce development. As part of the initiative, the NICE Cybersecurity Workforce Framework aims to codify c...
(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes FISMA, RMF partnership with CNSS Dr. Ron Ross, NIST Fellow Exploring the Future of Privacy for Federal IT Toby Levin, (Moderator) Gerald Beuchelt, Principal Information Security Engineer, The MITRE Corporation Jeannette M Wing, President’s Professor of Computer Science and Department Head, Carnegie Mellon University K. Krasnow Waterman, Visiting Fellow with DIG, the Decentralized Information Group of the Computer Science and Artificial Intelligence Laboratory at MIT The Road to Confidence in IT System...
On April 23 and 24, 2012, the NIST ITL Computer Security Division will host a two-day workshop about the cyber security needed for cyber-physical systems (CPSs), with a focus on results of research and real-world deployment experiences. The first day will have speakers that address CPSs across multiple sectors of industry (e.g., automotive, aviation, healthcare). The second day will focus on cyber security needs of CPSs in the electric Smart Grid. Abstracts and slide sets from presenters will be published in a NIST Interagency Report as proceedings of the conference. Goals of the conference:...