Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 376 through 400 of 1250 matching records.
Updates

NIST IoT Cybersecurity Program Releases Two New Documents

September 20, 2022
https://csrc.nist.gov/news/2022/nist-iot-cybersecurity-program-nist-irs-8425-8431

The National Institute of Standards and Technology (NIST) Cybersecurity for the Internet of Things (IoT) program has released two new documents: NIST IR 8425 and NIST IR 8431.

Publications IR 8431 (Final)

Workshop Summary Report for “Building on the NIST Foundations: Next Steps in IoT Cybersecurity

September 20, 2022
https://csrc.nist.gov/pubs/ir/8431/final

Abstract: This report summarizes the feedback received on the work of the NIST Cybersecurity for the Internet of Things (IoT) program on IoT product cybersecurity criteria at a virtual workshop in June 2022. The purpose of this workshop was to obtain feedback on specific considerations—and techniques for addr...

Publications IR 8425 (Final)

Profile of the IoT Core Baseline for Consumer IoT Products

September 20, 2022
https://csrc.nist.gov/pubs/ir/8425/final

Abstract: This publication documents the consumer profile of NIST’s IoT core baseline and identifies cybersecurity capabilities commonly needed for the consumer IoT sector (i.e., IoT products for home or personal use). It can also be a starting point for small businesses to consider in the purchase of IoT pro...

Project Pages

Links

https://csrc.nist.gov/projects/olir/links

/CSRC/media/Projects/olir/documents/submissions/WIP_Framework_v_1_1_to_800_53_Rev5.xlsx /CSRC/media/Projects/olir/documents/submissions/WIP_Framework_v_1_1_to_800_53_Rev5.xlsx /CSRC/media/Projects/olir/documents/submissions/SP800-82-Rev-2-to-SP800-53-Rev-4.xlsx /CSRC/media/Projects/olir/documents/submissions/WIP_Framework_v_1_1_to_800_53_Rev5.xlsx /CSRC/media/Projects/olir/documents/submissions/SP800-177-Rev-1-to-SP800-53-Rev-4.xlsx...

Projects

NIST Cybersecurity for IoT Program

https://csrc.nist.gov/projects/nist-cybersecurity-iot-program

[Redirect to https://www.nist.gov/programs-projects/nist-cybersecurity-iot-program] NIST’s Cybersecurity for the Internet of Things (IoT) program supports the development and application of standards, guidelines, and related tools to improve the cybersecurity of connected devices and the environments in which they are deployed. By collaborating with stakeholders across government, industry, international bodies, and academia, the program aims to cultivate trust and foster an environment that enables innovation on a global scale.

Updates

NIST releases NIST IR 8286C: Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight

September 14, 2022
https://csrc.nist.gov/news/2022/nist-releases-nist-ir-8286c

NIST has released NIST Internal Report (IR) 8286C, Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight.

Publications IR 8286C (Final) (Withdrawn)

Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight

September 14, 2022

https://csrc.nist.gov/pubs/ir/8286/c/final

Abstract: This document is the third in a series that supplements NIST Interagency/Internal Report (NISTIR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM). This series provides additional details regarding the enterprise application of cybersecurity risk information; the previous documen...

Events

Forum Meeting - September 01, 2022

September 1, 2022 - September 1, 2022
https://csrc.nist.gov/events/2022/forum-meeting-september-01-2022

Presentations & Speakers at a Glance: Update on NIST SP 800-63, David Temoshok, NIST VA's Cyber NexGen Developmental Program, Clarence Williams and Sharon McPherson, Department of Veterans Affairs Facilitated Discussion: Agency Use of NIST Cybersecurity Framework and NIST Risk Management Framework, Victoria Pillitteri and Katherine Schroeder, NIST Update to (Draft) NIST SP 800-50, Rev. 1: Building a Cybersecurity and Privacy Awareness and Training Program, Don Walden, IRS and Marian Merritt, NIST The Federal Cybersecurity and Privacy Professionals...

Publications Project Description (Final)

Mitigating Cybersecurity Risk in Telehealth Smart Home Integration: Cybersecurity for the Healthcare Sector

August 29, 2022
https://csrc.nist.gov/pubs/pd/2022/08/29/mitigating-cyber-risk-in-telehealth-smart-home-int/final

Abstract: This project's goal is to provide HDOs with practical solutions for securing an ecosystem that incorporates consumer-owned smart home devices into an HDO-managed telehealth solution. This project will result in a freely available NIST Cybersecurity Practice Guide. While the healthcare landscape beg...

Updates

Open for Public Comment: Zero Trust Architecture Preliminary Draft Practice Guide (Vol. C-D)

August 9, 2022
https://csrc.nist.gov/news/2022/draft-sp-1800-35-volume-c-and-d-public-comment

The Zero Trust Architecture (ZTA) team at NIST’s National Cybersecurity Center of Excellence (NCCoE) invites public comments on volumes C-D of a preliminary draft practice guide “Implementing a Zero Trust Architecture”. Deadline to submit comments is September 9, 2022.

Updates

Implementing the HIPAA Security Rule: NIST Releases Draft NIST SP 800-66, Rev. 2 for Public Comment

July 21, 2022
https://csrc.nist.gov/news/2022/nist-releases-draft-nist-sp-800-66-rev-2

The initial public draft of NIST Special Publication (SP) 800-66r2 (Revision 2), Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide, is now available for public comment. Deadline to submit comments is September 21, 2022.

Updates

NCCoE Releases Draft Project Description for DevSecOps

July 21, 2022
https://csrc.nist.gov/news/2022/nccoe-releases-draft-for-devsecops

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps.

Publications IR 8235 (Final)

Security Guidance for First Responder Mobile and Wearable Devices

July 20, 2022
https://csrc.nist.gov/pubs/ir/8235/final

Abstract: Public safety officials utilizing public safety broadband networks will have access to devices, such as mobile devices, tablets, and wearables. These devices offer new ways for first responders to complete their missions but may also introduce new security vulnerabilities to their work environment....

Updates

Protecting Controlled Unclassified Information: Pre-Draft Call for Comments on the CUI Series

July 19, 2022
https://csrc.nist.gov/news/2022/protecting-cui-pubs-pre-draft-call-for-comments

NIST seeks information for a planned update of the Controlled Unclassified Information series of publications (SP 800-171, -171A, -172, and -172A). The public comment period is open through September 16, 2022.

Publications Conference Paper (Final)

Knowledge Mining in Cybersecurity: From Attack to Defense

July 13, 2022
https://csrc.nist.gov/pubs/conference/2022/07/13/knowledge-mining-in-cybersecurity-from-attack-to-d/final

Conference: IFIP Annual Conference on Data and Applications Security and Privacy Abstract: In the fast-evolving world of Cybersecurity, an analyst often has the difficult task of responding to new threats and attack campaigns within a limited amount of time. If an analyst fails to do so, this can lead to severe consequences for the system under attack. In this work, we are motivated to ai...

Project Pages

ISPAB Work Plan

https://csrc.nist.gov/projects/ispab/ispab-work-plan

In accordance with 15 U.S.C. 278g-4, the duties of Information Security and Privacy Advisory Board is to identify emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy. The focus of the Board's work for FY 2015-2016 includes the following areas: Quantum (physics, pre-shared keys, quantum key distribution, block chains) Cybersecurity Office of Management and Budget OMB Circular A-130 Revised Cyber-marathon CyberStats Measuring outcomes for cybersecurity Cybersecurity protections in Federal acquisitions...

Project Pages

Combinatorial coverage - case studies

https://csrc.nist.gov/projects/automated-combinatorial-testing-for-software/combinatorial-coverage-measurement/case-studies

Combinatorial coverage measures are used in industry for high assurance software used in critical applications. Industry examples include the following: Kuhn, D. R., Raunak, M. S., & Kacker, R. N. (2021). Combinatorial Frequency Differencing. NIST Cybersecurity Whitepaper. - Describes measures of the frequency of combination coverage and difference between Class and Non-class elements in machine learning classification problems. Illustrates application of these methods for identifying weaknesses in physical unclonable function implementations. Kuhn, D. R., Raunak, M. S., & Kacker, R. N....

Updates

Foundational PNT Profile: Initial Public Draft of NIST IR 8323r1 is Available for Comment

June 29, 2022
https://csrc.nist.gov/news/2022/initial-public-draft-nist-ir-8323r1-comment

The initial public draft of NIST IR 8323r1, Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services, is available for comment. Public comment period is open through August 12, 2022.

<< first   < previous   4     5     6     7     8     9     10     11     12     13     14     15     16     17     18     19     20     21     22     23     24     25     26     27     28  next >  last >>