Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 451 through 475 of 1250 matching records.
Publications IR 8420A (Final)

Approaches and Challenges of Federal Cybersecurity Awareness Programs

March 25, 2022
https://csrc.nist.gov/pubs/ir/8420/a/final

Abstract: Organizational security awareness programs experience a number of challenges, including lack of resources, difficulty measuring the impact of the program, and perceptions among the workforce that training is a boring, “check-the-box” activity. While prior surveys and research have examined programs...

Publications IR 8420B (Final)

The Federal Cybersecurity Awareness Workforce: Professional Backgrounds, Knowledge, Skills, and Development Activities

March 25, 2022
https://csrc.nist.gov/pubs/ir/8420/b/final

Abstract: Organizational cybersecurity awareness (hereafter shortened to “security awareness”) programs may experience a number of challenges, including lack of funding and staff with the appropriate knowledge and skills to manage an effective program. While prior surveys and research have examined programs i...

Events

RFI Feedback Session

March 24, 2022 - March 24, 2022
https://csrc.nist.gov/events/2022/rfi-feedback-session

NIST recently issued a Request for Information (RFI) asking for information that would improve the effectiveness of the Cybersecurity Framework (CSF) for a potential update. As a part of this initiative, NIST wants to better understand how the CSF is being used today and to learn what’s working and what’s not. NIST also wants to explore better ways to align the CSF with other NIST guidance, such as the Privacy Framework, Secure Software Development Framework, Risk Management Framework, NICE Workforce Framework, and its series on IoT cybersecurity. NIST wants to know what would help use...

Updates

Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector

March 16, 2022
https://csrc.nist.gov/news/2022/sp-1800-10-cybersecurity-for-manufacturing-sector

NIST's NCCoE releases "Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector," NIST Special Publication 1800-10.

Publications SP 1800-10 (Final)

Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector

March 16, 2022
https://csrc.nist.gov/pubs/sp/1800/10/final

Abstract: Today’s manufacturing organizations rely on industrial control systems (ICS) to conduct their operations. Increasingly, ICS are facing more frequent, sophisticated cyber attacks—making manufacturing the second-most-targeted industry. Cyber attacks against ICS threaten operations and worker safety, r...

Projects

Small Business Cybersecurity Corner

https://csrc.nist.gov/projects/small-business-cybersecurity-corner

[Redirect to https://www.nist.gov/itl/smallbusinesscyber] The vast majority of smaller businesses rely on information technology to run their businesses and to store, process, and transmit information. Protecting this information from unauthorized disclosure, modification, use, or deletion is essential for those companies and their customers. With limited resources and budgets, these companies need cybersecurity guidance, solutions, and training that is practical, actionable, and enables them to cost-effectively address and manage their cybersecurity risks. This NIST Small Business...

Events

3rd OSCAL Workshop

March 1, 2022 - March 2, 2022
https://csrc.nist.gov/events/2022/3rd-oscal-workshop

The National Institute of Standards and Technology hosted on Tuesday, March 1st, and Wednesday, March 2nd, 2022, the third workshop in the series focusing on the Open Security Controls Assessment Language (OSCAL). Setting the foundation for security automation, with particular focus on the continuous authorization to operate (ATO) processes and continuous monitoring, OSCAL provides machine-readable representations of control catalogs, control baselines or profiles, system security plans, assessment plans, assessment results, and plan of actions and milestones, in a set of formats expressed in...

Updates

NCCoE Releases Draft Project Description for Manufacturing Sector Cybersecurity

February 28, 2022
https://csrc.nist.gov/news/2022/draft-pd-manufacturing-sector-cybersecurity

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, "Responding to and Recovering from a Cyber Attack: Cybersecurity for the Manufacturing Sector." The public comment period is open through April 28, 2022.

Updates

Introduction to Cybersecurity for Commercial Satellite Operations: 2nd draft of NISTIR 8270 available for comment

February 25, 2022
https://csrc.nist.gov/news/2022/second-draft-nistir-8270-available-for-comment

A second public draft of "Introduction to Cybersecurity for Commercial Satellite Operations" (NISTIR 8270) is available for public comment through April 8, 2022.

Projects

Ransomware Protection and Response

https://csrc.nist.gov/projects/ransomware-protection-and-response

Thanks for helping shape our ransomware guidance! We've published the final NISTIR 8374, Ransomware Risk Management: A Cybersecurity Framework Profile and the Quick Start Guide: Getting Started with Cybersecurity Risk Management | Ransomware. Thanks for attending our July 14th Virtual Workshop on Preventing and Recovering from Ransomware and Other Destructive Cyber Events. Please watch the recording HERE. Our new resources on tips and tactics for preparing your organization for ransomware attacks are here! Video: Protecting Your Small Business--Ransomware Fact sheet: How do I stay...

Updates

Final Ransomware Risk Management Cybersecurity Framework Profile & Quick Start Guide Released Today!

February 24, 2022
https://csrc.nist.gov/news/2022/final-ransomware-risk-management-csf-profile

NIST is releasing two guides to address the challenge of ransomware: NISTIR 8374, "Ransomware Risk Management: A Cybersecurity Framework Profile," and a companion quick start guide, "Getting Started with Cybersecurity Risk Management: Ransomware."

Publications Other (Final)

Getting Started with Cybersecurity Risk Management: Ransomware

February 24, 2022
https://csrc.nist.gov/pubs/other/2022/02/24/getting-started-with-cybersecurity-risk-management/final

Abstract: With the threat of ransomware growing, this "quick start guide" will help organizations use the National Institute of Standards and Technology (NIST) "Ransomware Risk Management: A Cybersecurity Framework Profile" to combat ransomware. Like the broader NIST Cybersecurity Framework, which is widely u...

Publications IR 8374 (Final)

Ransomware Risk Management: A Cybersecurity Framework Profile

February 23, 2022
https://csrc.nist.gov/pubs/ir/8374/final

Abstract: Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. Attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the publi...

Updates

Request for Information | Evaluating and Improving NIST Cybersecurity Resources: The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management

February 22, 2022
https://csrc.nist.gov/news/2022/rfi-evaluating-and-improving-nist-cyber-resources

NIST is seeking information to assist in evaluating and improving its cybersecurity resources—including the widely-used NIST Cybersecurity Framework (CSF) and a variety of existing and potential standards, guidelines, and other information. Comments are due by April 25, 2022.

Publications SP 1800-30 (Final)

Securing Telehealth Remote Patient Monitoring Ecosystem

February 22, 2022
https://csrc.nist.gov/pubs/sp/1800/30/final

Abstract: Increasingly, healthcare delivery organizations (HDOs) are relying on telehealth and remote patient monitoring (RPM) capabilities to treat patients at home. RPM is convenient and cost-effective, and its adoption rate has increased. However, without adequate privacy and cybersecurity measures, unauth...

Events

Forum Meeting - February 15, 2022

February 15, 2022 - February 15, 2022
https://csrc.nist.gov/events/2022/the-forum-meeting-february-15-2022

Presentations & Speakers at a Glance: GSA’s Approach to Identifying Requirements: FISMA, FedRAMP or Controlled Unclassified Information, Pranjali Desai and Bo Berlas, GSA Growth in the NVD: API Keys, Documentation, and More!, Andrew Artz, NIST What's New in SP 800-53A, Revision 5, Jessica Dickson & Victoria Pillitteri, NIST Multi-Factor Authentication and Key Updates for NIST Special Publication 800-63, Revision 4, David Temoshok, NIST SP 800-63 and Privacy, Naomi Lefkovitz, NIST NOTE: FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND...

Updates

Prioritizing Cybersecurity Risk for Enterprise Risk Management: NISTIR 8286B

February 10, 2022
https://csrc.nist.gov/news/2022/nistir-8286b-prioritizing-cybersecurity-risk-erm

NIST has published NISTIR 8286B, "Prioritizing Cybersecurity Risk for Enterprise Risk Management." It is part of the NISTIR 8286 subseries, which enables risk practitioners to more fully integrate cybersecurity risk management (CSRM) activities into the broader enterprise risk processes.

Publications IR 8286B (Final)

Prioritizing Cybersecurity Risk for Enterprise Risk Management

February 10, 2022
https://csrc.nist.gov/pubs/ir/8286/b/final

Abstract: This document is the second in a series that supplements NIST Interagency/Internal Report (NISTIR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM). This series provides additional detail regarding the enterprise application of cybersecurity risk information; the previous documen...

Updates

NIST Updates the Secure Software Development Framework (SSDF)

February 4, 2022
https://csrc.nist.gov/news/2022/nist-publishes-sp-800-218-ssdf-v11

The SSDF has been updated to version 1.1 in the new release of NIST Special Publication (SP) 800-218.

Publications CSWP 23 (Final)

Recommended Criteria for Cybersecurity Labeling of Consumer Software

February 4, 2022
https://csrc.nist.gov/pubs/cswp/23/recommended-criteria-cybersecurity-labeling-of-con/final

Abstract: Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” tasks the National Institute of Standards and Technology (NIST), in coordination with the Federal Trade Commission (FTC) and other agencies, to initiate pilot programs for cybersecurity labeling. These labeling programs are intended...

<< first   < previous   7     8     9     10     11     12     13     14     15     16     17     18     19     20     21     22     23     24     25     26     27     28     29     30     31  next >  last >>