Use this form to search content on CSRC pages.
Abstract: The U.S. Water and Wastewater Systems (WWS) sector has been undergoing a digital transformation. Many sector organizations are utilizing data-enabled capabilities to improve utility management, operations, and service delivery. The ongoing adoption of automation, sensors, data collection, network de...
The National Cybersecurity Center of Excellence (NCCoE) has released for public comment a draft of NIST Internal Report (NISTIR) 8467, Cybersecurity Framework Profile for Genomic Data. The comment period is now open through July 17, 2023.
Abstract: Low-cost genomic sequencing technologies facilitate collection, sequencing, and analysis of vast quantities of genomic data, fueling our nation’s economic and health leadership posture. However, this valuable genomic information may not be protected with sufficient rigor commensurate with cybersecur...
The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Interagency Report (NIST IR) 8406, Cybersecurity Framework Profile for Liquefied Natural Gas (LNG).
Abstract: This document is the Cybersecurity Framework Profile developed for the Liquefied Natural Gas (LNG) industry and the subsidiary functions that support the overarching liquefaction process, transport, and distribution of LNG. The LNG Cybersecurity Framework Profile can be used by liquefaction faciliti...
The National Cybersecurity Center of Excellence (NCCoE) has released a preliminary practice guide, Automation of the NIST Cryptographic Module Validation Program, for public comment through July 25, 2023.
Abstract:
The NCCoE has released Draft NIST IR 8441, Cybersecurity Framework Profile for Hybrid Satellite Networks (HSN). The comment period closes July 14, 2023.
Includes advisory boards, committees, communities of interest, forums, and working groups that are sponsored or managed by NIST's cybersecurity and privacy program. Also see information on joining one or more of the National Cybersecurity Center of Excellence's (NCCoE) many Communities of Interest.
Type: Presentation
Abstract: There are several new digital credentials-based standards emerging and they are all silos operating in specific environments and written for specific contexts. As such, there is a lack of foundational, strongly verifiable, and trustable digital credentials available to make transition to today...
Type: Presentation
This week, NIST released the newly redesigned and streamlined Special Publication 800-225, Fiscal Year (FY) 2022 Cybersecurity and Privacy Annual Report.
Abstract: During Fiscal Year 2022 (FY 2022) – from October 1, 2021, through September 30, 2022 – the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy Program successfully responded to numerous challenges and opportunities in security and privacy. This Annual Report highlights the FY 2022...
The automotive industry is facing significant challenges from increased cybersecurity risk and adoption of AI and opportunities from rapid technological innovations. This webinar will be the third community of interest call. Angela Smith, technical lead for NIST’s Cybersecurity Supply Chain Risk Management (C-SCRM) will be providing an overview and status of the C-SCRM work effort, and how it’s relevant to the automotive cybersecurity community.
Fourth Annual Multi-Cloud Conference and Workshop May 25, 2023 - Conference Co-Hosted by NIST, DoC, and Tetrate This year’s Multi-Cloud Conference will focus on delivering Zero Trust Architecture (ZTA) through application-tier and network-tier policies in a high-assurance service mesh operating environment. This makes the enforcement of consistent, enterprise-wide policy a reality irrespective of service or application location, whether on-premises or across multiple clouds. We’ll look at security challenges that public agencies face and provide insight and know-how to address them to...
Internal and external reporting of security vulnerabilities in software and information systems owned or utilized by the Federal Government is critical to mitigating risk, establishing a robust security posture, and maintaining transparency and trust with the public.
The Federal Cybersecurity and Privacy Professionals Forum is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of system security and privacy information among federal, state, and local government, and higher education employees. The Forum maintains an extensive e-mail list and holds quarterly meetings to discuss current issues and items of interest to those responsible for protecting non-national security systems. For more information about the Forum and instructions on how to join, see: https://csrc.nist.gov/Projects/forum. A...
Click for Conference Video Timestamps Title Speaker Description Timestamp Conference Overview Michaela Iorga OSCAL Strategic Outreach Director, NIST Summarizing the timeline of the event 25:39 Opening Remarks Andre Mendes CIO, DoC The advancements of the technology realm and how it relates to Cybersecurity and OSCAL 28:51 OSCAL & A New Way of Doing Software in Federal Robert Wood CISO, Center for Medicare and Medicaid Services, HHS The culture of OSCAL and its innovative...
Abstract: Mobile devices were initially personal consumer communication devices but they are now permanent fixtures in enterprises and are used to access modern networks and systems to process sensitive data. This publication assists organizations in managing and securing these devices by describing available...
The National Cybersecurity Center of Excellence (NCCoE) invites you to share your feedback on the preliminary draft of NIST Special Publication 1800-37 Volume A, Addressing Visibility Challenges with TLS 1.3.
NIST has been tasked with creating guidelines for reporting, coordinating, publishing, and receiving information about security vulnerabilities, as part of the Internet of Things Cybersecurity Improvement Act of 2020, Public Law 116-207, and in alignment with ISO/IEC 29147 and 30111 whenever practical. The guidelines address: Establishing a federal vulnerability disclosure framework, including the Federal Coordination Body (FCB) and Vulnerability Disclosure Program Offices (VDPOs) Receiving information about a potential security vulnerability in an information system owned or...
The NCCoE has released the preliminary public drafts of NIST SP 1800-36, Vols. B –E, Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management. The comment period is open now through June 20, 2023.
Through quarterly meetings and email list, the Forum provides our members: a venue to exchange information, share ideas and best practices, resources, and knowledge; an ongoing opportunity to leverage the work done in other organizations to reduce possible duplication of effort; and access to a community and network of cybersecurity and privacy professionals across the U.S. federal, state, and local government and higher education organizations. Quarterly Meetings Refer to the CSRC Events Page for upcoming Forum meetings and registration information. Forum meetings are open to...