Publications
IR 8496 (Initial Public Draft)
November 15, 2023
https://csrc.nist.gov/pubs/ir/8496/ipd
Abstract: Data classification is the process an organization uses to characterize its data assets using persistent labels so those assets can be managed properly. Data classification is vital for protecting an organization’s data at scale because it enables application of cybersecurity and privacy protection...
Publications
TN 2276 (Final)
November 15, 2023
https://csrc.nist.gov/pubs/tn/2276/final
Abstract: Phishing cyber threats impact private and public sectors both in the United States and internationally. Embedded phishing awareness training programs, in which simulated phishing emails are sent to employees, are designed to prepare employees in these organizations to combat real-world phishing scen...
Project Pages
https://csrc.nist.gov/projects/risk-management/fisma-background
The suite of NIST information security risk management standards and guidelines is not a "FISMA Compliance checklist." Federal agencies, contractors, and other sources that use or operate a federal information system use the suite of NIST Risk Management standards and guidelines to develop and implement a risk-based approach to manage information security risk. FISMA emphasizes the importance of risk management. Compliance with applicable laws, regulations, executive orders, directives, etc. is a byproduct of implementing a robust, risk-based information security program. The NIST Risk...
Publications
IR 8473 (Final)
October 16, 2023
https://csrc.nist.gov/pubs/ir/8473/final
Abstract: This document is the Cybersecurity Framework Profile (Profile) developed for the Electric Vehicle Extreme Fast Charging (EV/XFC) ecosystem and the subsidiary functions that support each of the four domains: (i) Electric Vehicles (EV); (ii) Extreme Fast Charging (XFC); (iii) XFC Cloud or Third-Party...
Publications
SP 800-92 Rev. 1 (Initial Public Draft)
October 11, 2023
https://csrc.nist.gov/pubs/sp/800/92/r1/ipd
Abstract: A log is a record of events that occur within an organization’s computing assets, including physical and virtual platforms, networks, services, and cloud environments. Log management is the process for generating, transmitting, storing, accessing, and disposing of log data. It facilitates log usage...
Publications
IR 8406 (Final)
October 10, 2023
https://csrc.nist.gov/pubs/ir/8406/upd1/final
Abstract: This document is the Cybersecurity Framework Profile developed for the Liquefied Natural Gas (LNG) industry and the subsidiary functions that support the overarching liquefaction process, transport, and distribution of LNG. The LNG Cybersecurity Framework Profile can be used by liquefaction faciliti...
Projects
https://csrc.nist.gov/projects/nccoe-data-security
[Redirect to https://www.nccoe.nist.gov/projects/building-blocks/data-security] The Data Security program at the National Cybersecurity Center of Excellence (NCCoE) has produced guidance for both data integrity and data confidentiality. Each will consist of a series of publications that work together to identify, protect, detect, respond to, and recover from critical events.
Projects
https://csrc.nist.gov/projects/space-cybersecurity
[Redirect to: https://www.nccoe.nist.gov/cybersecurity-space-domain] Space is an emerging commercial critical infrastructure sector that is no longer the domain of only national government authorities. Space is an inherently risky environment in which to operate, so cybersecurity risks involving commercial space – including those affecting commercial satellite vehicles – need to be understood and managed alongside other types of risks to ensure safe and successful operations.
Events
October 3, 2023 - October 4, 2023
https://csrc.nist.gov/events/2023/third-workshop-on-block-cipher-modes-of-operation
AGENDA On-Demand Videos Day 1 - October 3, 2023 Day 2 - October 4, 2023 --> On-Demand Videos Day 1 - October 3, 2023 Day 2 - October 4, 2023 NIST will host the Third NIST Workshop on Block Cipher Modes of Operation on October 3-4, 2023, at the National Cybersecurity Center of Excellence in Rockville, Maryland. NIST hosted the two previous modes workshops in conjunction with the development of the Advanced Encryption Standard (AES) in the early 2000s. This workshop will discuss how NIST can best address the limitations of the block cipher modes of operation ("modes", for...
