Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 326 through 350 of 1405 matching records.
Updates

The NIST Cybersecurity Framework (CSF) 2.0 is Here!

February 26, 2024
https://csrc.nist.gov/news/2024/the-nist-csf-20-is-here

The NIST Cybersecurity Framework (CSF) 2.0 is now available, along with many supplementary resources.

Publications CSWP 32 (Initial Public Draft)

NIST Cybersecurity Framework 2.0: A Guide to Creating Community Profiles

February 26, 2024
https://csrc.nist.gov/pubs/cswp/32/nist-csf-20-a-guide-to-creating-community-profiles/ipd

Abstract: The NIST Cybersecurity Framework (CSF) 2.0 introduced the term “Community Profiles” to reflect the use of the CSF for developing use case-specific cybersecurity risk management guidance for multiple organizations. This guide provides considerations for creating and using Community Profiles to help i...

Publications IR 8278 Rev. 1 (Final)

National Online Informative References (OLIR) Program: Overview, Benefits, and Use

February 26, 2024
https://csrc.nist.gov/pubs/ir/8278/r1/final

Abstract: Information and communications technology (ICT) domains — such as cybersecurity, privacy, and Internet of Things (IoT) — have many requirements and recommendations made by national and international standards, guidelines, frameworks, and regulations. An Online Informative Reference (OLIR) provides a...

Publications IR 8278A Rev. 1 (Final)

National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers

February 26, 2024
https://csrc.nist.gov/pubs/ir/8278/a/r1/final

Abstract: The National Online Informative References (OLIR) Program is a NIST effort to facilitate standardized definitions of Online Informative References (OLIRs) by subject matter experts. OLIRs are relationships between elements of documents from cybersecurity, privacy, and other information and communica...

Publications CSWP 29 (Final)

The NIST Cybersecurity Framework (CSF) 2.0

February 26, 2024
https://csrc.nist.gov/pubs/cswp/29/the-nist-cybersecurity-framework-csf-20/final

Abstract: The NIST Cybersecurity Framework (CSF) 2.0 provides guidance to industry, government agencies, and other organizations to manage cybersecurity risks. It offers a taxonomy of high-level cybersecurity outcomes that can be used by any organization — regardless of its size, sector, or maturity — to bett...

Publications SP 1300 (Final)

NIST Cybersecurity Framework 2.0: Small Business Quick-Start Guide

February 26, 2024
https://csrc.nist.gov/pubs/sp/1300/final

Abstract: This guide provides small-to-medium sized businesses (SMB), specifically those who have modest or no cybersecurity plans in place, with considerations to kick-start their cybersecurity risk management strategy by using the NIST Cybersecurity Framework (CSF) 2.0. The guide also can assist other relat...

Publications SP 1301 (Final)

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Creating and Using Organizational Profiles

February 26, 2024
https://csrc.nist.gov/pubs/sp/1301/final

Abstract: This Quick-Start Guide gives an overview of creating and using organizational profiles for NIST CSF 2.0. An Organizational Profile describes an organization’s current and/or target cybersecurity posture in terms of cybersecurity outcomes from the Cybersecurity Framework (CSF) Core. Organizational Pr...

Publications SP 1299 (Final)

NIST Cybersecurity Framework 2.0: Resource and Overview Guide

February 26, 2024
https://csrc.nist.gov/pubs/sp/1299/final

Abstract: This brief report presents a high-level overview of the CSF 2.0 and provides links to relevant resources such as the CSF 2.0 specification and supporting Quick-Start Guides.

Publications IR 8477 (Final)

Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines: Developing Cybersecurity and Privacy Concept Mappings

February 26, 2024
https://csrc.nist.gov/pubs/ir/8477/final

Abstract: This document describes the National Institute of Standards and Technology’s (NIST’s) approach to mapping the elements of documentary standards, regulations, frameworks, and guidelines to a particular NIST publication, such as Cybersecurity Framework (CSF) Subcategories or SP 800-53r5 controls. This...

Publications SP 1800-28 (Final)

Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

February 23, 2024
https://csrc.nist.gov/pubs/sp/1800/28/final

Abstract: Attacks that target data are of concern to companies and organizations across many industries. Data breaches represent a threat that can have monetary, reputational, and legal impacts. This guide seeks to provide guidance concerning the threat of data breaches, exemplifying standards and technologie...

Publications SP 1800-29 (Final)

Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

February 23, 2024
https://csrc.nist.gov/pubs/sp/1800/29/final

Abstract: Attacks that target data are of concern to companies and organizations across many industries. Data breaches represent a threat that can have monetary, reputational, and legal impacts. This guide seeks to provide guidance around the threat of data breaches, exemplifying standards and technologies th...

Project Pages

Explainability, Verification, and Validation for Assured Autonomy and AI

https://csrc.nist.gov/projects/automated-combinatorial-testing-for-software/autonomous-systems-assurance/explainable-ai

Autonomous systems are increasingly seen in safety-critical domains, such as self-driving vehicles and autonomous aircraft. Unfortunately, methods developed for ultra-reliable software, such as avionics, depend on measures of structural coverage that do not apply to neural networks or other black-box functions often used in machine learning. This problem is recognized and teams are seeking solutions in aviation and other fields. As one notes, "How do we determine that the data gathered to train an AI system is suitably representative of the real world?[1]" This key question is currently...

Project Pages

Public Comments Draft SP 800-171 Rev 3

https://csrc.nist.gov/projects/protecting-controlled-unclassified-information/sp-800-171/comments-draft-sp-800-171-r3

Protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations is critical to federal agencies. The suite of guidance (NIST Special Publication (SP) 800-171, SP 800-171A, SP 800-172, and SP 800-172A) focuses on protecting the confidentiality of CUI and recommends specific security requirements to achieve that objective. Comments Received SP 800-171 Revision 3 (Final Public Draft) and SP 800-171A Revision 3 (Initial Public Draft) February 21, 2024: NIST issues summary and analysis of comments received in response to SP 800-171 Revision 3 (final public...

Updates

Just Published | Final SP 800-66r2, Implementing the HIPAA Security Rule: A Cybersecurity Resource Guide

February 14, 2024
https://csrc.nist.gov/news/2024/nist-publishes-sp-80066-revision-2-implementing-th

NIST published the final version of Special Publication (SP) 800-66r2 (Revision 2), Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide.

Publications SP 800-66 Rev. 2 (Final)

Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide

February 14, 2024
https://csrc.nist.gov/pubs/sp/800/66/r2/final

Abstract: The HIPAA Security Rule focuses on safeguarding electronic protected health information (ePHI) held or maintained by regulated entities. The ePHI that a regulated entity creates, receives, maintains, or transmits must be protected against reasonably anticipated threats, hazards, and impermissible us...

Publications VTS 200-1 (Final)

Cybersecurity Framework Election Infrastructure Profile

February 1, 2024
https://csrc.nist.gov/pubs/vts/200/1/final

Abstract: This document is a Cybersecurity Framework Profile developed for voting equipment and information systems that support elections. This Election Infrastructure Profile can be utilized by election administrators and IT professionals who manage election infrastructure to reduce the risks associated wit...

Publications SP 800-60 Rev. 2 (Initial Working Draft)

Guide for Mapping Types of Information and Systems to Security Categories

January 31, 2024
https://csrc.nist.gov/pubs/sp/800/60/r2/iwd

Abstract: NIST Special Publication (SP) 800-60 facilities the application of appropriate levels of information security according to a range of levels of impact or consequence that may result from unauthorized disclosure, modification, or use of the information or systems. This publication provides a methodol...

Updates

Addressing Visibility Challenges with TLS 1.3 within the Enterprise: SP 1800-37 2nd Preliminary Draft

January 30, 2024
https://csrc.nist.gov/news/2024/2nd-prelim-draft-of-nist-sp-180037

Volumes A (2nd preliminary draft) and B (initial prelim. draft) of NIST Special Publication 1800-37, Addressing Visibility Challenges with TLS 1.3 within the Enterprise, are available for public comment through April 1, 2024.

Events

NIST SSDF for Generative AI and Dual Use Foundation Models

January 17, 2024 - January 17, 2024
https://csrc.nist.gov/events/2024/nist-ssdf-for-generative-ai-dual-use-foundation

We look forward to welcoming you to NIST’s Virtual Workshop on Secure Development Practices for AI Models on January 17. This workshop is being held in support of Executive Order (EO) 14110, Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. EO 14110 tasked NIST with “developing a companion resource to the Secure Software Development Framework (SSDF) to incorporate secure development practices for generative AI and for dual-use foundation models.” What You Will Learn This workshop will bring together industry, academia, and government to discuss secure development...

Updates

Measurement Guide for Information Security: NIST SP 800-55 Draft Volumes 1 and 2 Available for Comment

January 17, 2024
https://csrc.nist.gov/news/2024/nist-sp-800-55-draft-available-for-comment

NIST Special Publication (SP) Draft 800-55, Measurement Guide for Information Security, Volume 1 — Identifying and Selecting Measures, and Volume 2 — Developing an Information Security Measurement Program, are now available for public review and comment through March 18, 2024.

Updates

Pre-Draft Call for Comments | Information Security Handbook: A Guide for Managers

January 9, 2024
https://csrc.nist.gov/news/2024/pre-draft-call-for-comments-sp-800-100

NIST plans to update Special Publication (SP) 800-100, Information Security Handbook: A Guide for Managers, and is issuing a Pre-Draft Call for Comments to solicit feedback from users. Deadline to submit comments is February 23, 2024.

Publications SP 800-100 Rev. 1 (Initial Preliminary Draft)

PRE-DRAFT Call for Comments | Information Security Handbook: A Guide for Managers

January 9, 2024
https://csrc.nist.gov/pubs/sp/800/100/r1/iprd

Abstract: [See the Abstract for SP 800-100]

Updates

Cybersecurity of Genomic Data: NIST IR 8432

December 20, 2023
https://csrc.nist.gov/news/2023/cybersecurity-of-genomic-data-nist-ir-8432

The NIST National Cybersecurity Center of Excellence has released NIST Internal Report (IR) 8432, "Cybersecurity of Genomic Data."

Publications IR 8432 (Final)

Cybersecurity of Genomic Data

December 20, 2023
https://csrc.nist.gov/pubs/ir/8432/final

Abstract: Genomic data has enabled the rapid growth of the U.S. bioeconomy and is valuable to the individual, industry, and government because it has multiple intrinsic properties that in combination make it different from other types of data that possess only a subset of these properties. The characteristics...

<< first   < previous   2     3     4     5     6     7     8     9     10     11     12     13     14     15     16     17     18     19     20     21     22     23     24     25     26  next >  last >>