Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 326 through 350 of 1250 matching records.
Updates

Implementing Data Classification Practices: Draft NIST SP 1800-39A Available for Comment

April 25, 2023
https://csrc.nist.gov/news/2023/implementing-data-class-practices-sp-1800-39a

The NCCoE has released a preliminary draft of NIST Special Publication 1800-39A, "Implementing Data Classification Practices." The public comment period is open through June 12, 2023.

Updates

Update on the Revision of NIST SP 800-66, Implementing the HIPAA Security Rule

April 25, 2023
https://csrc.nist.gov/news/2023/update-on-the-revision-of-nist-sp-800-66

For the past 18+ months NIST, in collaboration with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR), has been working to update NIST Special Publication (SP) 800-66.

Publications SP 1800-39 (Initial Preliminary Draft)

Implementing Data Classification Practices

April 25, 2023
https://csrc.nist.gov/pubs/sp/1800/39/iprd

Abstract:

Updates

Feedback Appreciated | NIST CSF 2.0 Core - Discussion Draft

April 24, 2023
https://csrc.nist.gov/news/2023/feedback-appreciated-nist-csf-2-0-core-discussion

NIST is updating the Cybersecurity Framework (CSF) which is widely used to help organizations better understand, manage, reduce, and communicate cybersecurity risks.

Updates

Migration to Post-Quantum Cryptography: NIST SP 1800-38A Preliminary Draft Available for Comment

April 24, 2023
https://csrc.nist.gov/news/2023/migration-post-quantum-crypto-nist-sp-1800-38a

The NCCoE has posted the initial preliminary draft of NIST Special Publication 1800-38A, "Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography" for public comment. The comment period closes June 8, 2023.

Events

Automotive Cybersecurity Community of Interest (COI) Webinar

April 19, 2023 - April 19, 2023
https://csrc.nist.gov/events/2023/automotive-cybersecurity-community-of-interest-2nd

The automotive industry is facing significant challenges from increased cybersecurity risk and adoption of AI and opportunities from rapid technological innovations. This webinar will be the second community of interest call. Cheri Pascoe, Senior Technology Policy Advisor & Cybersecurity Framework (CSF) Program Lead will be providing an overview and status of the update to the NIST CSF (journey to CSF 2.0), and how it’s relevant to the automotive cybersecurity community. Past Recordings

Updates

Security Segmentation in a Small Manufacturing Environment: Cybersecurity White Paper Now Available

April 6, 2023
https://csrc.nist.gov/news/2023/security-segmentation-in-a-small-mfg-environment

NIST has published a new Cybersecurity White Paper on "Security Segmentation in a Small Manufacturing Environment."

Publications CSWP 28 (Final)

Security Segmentation in a Small Manufacturing Environment

April 6, 2023
https://csrc.nist.gov/pubs/cswp/28/security-segmentation-in-a-small-manufacturing-env/final

Abstract: Manufacturers are increasingly targeted in cyber-attacks. Small manufacturers are particularly vulnerable due to limitations in staff and resources to operate facilities and manage cybersecurity. Security segmentation is a cost-effective and efficient security design approach for protecting cy...

Publications Journal Article (Final)

Users Are Not Stupid: Six Cyber Security Pitfalls Overturned

March 16, 2023
https://csrc.nist.gov/pubs/journal/2023/03/users-are-not-stupid-six-cyber-security-pitfalls-o/final

Journal: Cyber Security: A Peer-Reviewed Journal Abstract: The skilled and dedicated professionals who strive to improve cyber security may unwittingly fall victim to misconceptions and pitfalls that hold other people back from reaching their full potential of being active partners in security. These pitfalls often reflect the cyber security community’s dep...

Updates

Cybersecurity of Genomic Data: Draft NIST IR 8432 Available for Public Comment

March 3, 2023
https://csrc.nist.gov/news/2023/draft-nist-ir-8432-available-for-public-comment

The National Cybersecurity Center of Excellence (NCCoE) has published the initial public draft of NIST Internal Report (NIST IR) 8432, Cybersecurity of Genomic Data.

Events

Forum Meeting - February 2023

February 28, 2023 - February 28, 2023
https://csrc.nist.gov/events/2023/forum-meeting-february-2023

The Federal Cybersecurity and Privacy Professionals Forum is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of system security and privacy information among federal, state, and local government, and higher education employees. The Forum maintains an extensive e-mail list and holds quarterly meetings to discuss current issues and items of interest to those responsible for protecting non-national security systems. For more information about the Forum and instructions on how to join, see: https://csrc.nist.gov/Projects/forum. A...

Updates

Hardware Enabled Security: Draft NIST IR 8320D Available for Comment

February 23, 2023
https://csrc.nist.gov/news/2023/draft-nist-ir-8320d-available-for-comment

The National Cybersecurity Center of Excellence (NCCoE) has released a draft report, NIST Interagency Report (NISTIR) 8320D, Hardware Enabled Security: Hardware-Based Confidential Computing, for public comment.

Events

Automotive Cybersecurity Community of Interest (COI) Webinar

February 7, 2023 - February 7, 2023
https://csrc.nist.gov/events/2023/automotive-cybersecurity-community-of-interest-coi

The automotive industry is facing significant challenges from increased cybersecurity risk and adoption of AI and opportunities from rapid technological innovations. To provide assistance to the industry, NIST has started a COI for automotive cybersecurity. This webinar will introduce the members of the COI to projects and research currently active at NIST that are of interest to the community. Participants will also be informed of ways to participate in these projects and research.

Updates

NIST Revises the Foundational PNT Profile for Positioning, Navigation, and Timing (PNT) Services: NIST IR 8323r1

January 31, 2023
https://csrc.nist.gov/news/2023/nist-ir-8323-revision-1-pnt-is-now-available

NIST is publishing NIST IR 8323r1 (revision 1), Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services.

Publications IR 8323 Rev. 1 (Final)

Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services

January 31, 2023
https://csrc.nist.gov/pubs/ir/8323/r1/final

Abstract: The national and economic security of the United States (U.S.) is dependent upon the reliable functioning of the nation’s critical infrastructure. Positioning, Navigation, and Timing (PNT) services are widely deployed throughout this infrastructure. In a government-wide effort to mitigate the potent...

Publications Other (Final)

Handout | Users Are Not Stupid: Six Cybersecurity Pitfalls Overturned

January 30, 2023
https://csrc.nist.gov/pubs/other/2023/01/30/handout-users-are-not-stupid-six-cybersecurity-pit/final

Abstract: The cybersecurity community tends to focus and depend on technology to solve today's cybersecurity problems, often without taking into consideration the human element - the key individual and social factors impacting cybersecurity adoption. This handout provides an overview of six human-element misc...

Updates

Concept Paper Released | Comment on Proposed Significant Updates to the CSF & Register for In-Person Event

January 19, 2023
https://csrc.nist.gov/news/2023/csf-2-0-concept-paper-released

The NIST Cybersecurity Framework (CSF) helps organizations better understand, manage, reduce, and communicate cybersecurity risks. NIST is updating the CSF to keep pace with the evolving cybersecurity landscape.

Publications Conference Paper (Final)

An Investigation of Roles, Backgrounds, Knowledge, and Skills of U.S. Government Security Awareness Professionals

January 17, 2023
https://csrc.nist.gov/pubs/conference/2023/01/17/an-investigation-of-roles-backgrounds-knowledge-an/final

Conference: ACM SIGMIS Computers and People Research Conference 2022 Abstract: Security awareness professionals are tasked with implementing security awareness programs within their organizations to assist employees in recognizing and responding to security issues. Prior industry-focused surveys and research studies identified desired skills for these professionals, finding th...

Publications Journal Article (Final)

A Review of Machine Learning-based Zero-day Attack Detection: Challenges and Future Directions

January 15, 2023
https://csrc.nist.gov/pubs/journal/2023/01/machine-learningbased-zeroday-attack-detection/final

Journal: Computer Communications Abstract: Zero-day attacks exploit unknown vulnerabilities so as to avoid being detected by cybersecurity detection tools. The studies Bilge and Dumitras (2012), Google (0000) and Ponemon Sullivan Privacy Report (2020) show that zero-day attacks are wide spread and are one of the major threats to computer sec...

Publications SP 1288 (Final)

Federal Cybersecurity Role-Based Training Approaches, Successes, and Challenges

January 11, 2023
https://csrc.nist.gov/pubs/sp/1288/final

Abstract: Most United States federal government organizations are required to conduct cybersecurity role-based training for federal government personnel and supporting contractors who are assigned roles having security and privacy responsibilities. Despite the training mandate, there has been little prior eff...

Project Pages

Existing Work to Leverage

https://csrc.nist.gov/projects/devsecops/resources

The NIST NCCoE has launched a new project, Software Supply Chain and DevOps Security Practices. In early 2023, the project team will be publishing a Federal Register Notice based on the final project description to solicit collaborators to work with the NCCoE on the project. NIST held a virtual workshop in January 2021 on improving the security of DevOps practices; you can access the workshop recording and materials here. A second virtual workshop was held in September 2022 on the planned NCCoE DevSecOps project; the workshop recording and presentations are posted. NIST will leverage existing...

Updates

Applying the Cybersecurity Framework to Satellite Command and Control: NIST Interagency Report (IR) 8401

January 3, 2023
https://csrc.nist.gov/news/2023/nist-releases-nist-ir-8401

NIST recognizes the importance of the infrastructure that provides positioning, timing, and navigation (PNT) information to the scientific knowledge, economy, and security of the Nation. This infrastructure consists of three parts: the space segment, the ground segment, and the users of PNT.

Publications IR 8401 (Final)

Satellite Ground Segment: Applying the Cybersecurity Framework to Satellite Command and Control

December 30, 2022
https://csrc.nist.gov/pubs/ir/8401/final

Abstract: Space operations are increasingly important to the national and economic security of the United States. Commercial space’s contribution to the critical infrastructure is growing in both volume and diversity of services as illustrated by the increased use of commercial communications satellite (COMSA...

<< first   < previous   2     3     4     5     6     7     8     9     10     11     12     13     14     15     16     17     18     19     20     21     22     23     24     25     26  next >  last >>