Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 551 through 575 of 1250 matching records.
Updates

Identity as a Service for Public Safety: Draft NISTIR 8335 Available for Comment

June 16, 2021
https://csrc.nist.gov/news/2021/idaas-for-public-safety-draft-nistir-8335

NIST's NCCoE has released Draft NISTIR 8335, "Identity as a Service for Public Safety." The public comment period ends August 2, 2021.

Publications IR 8335 (Initial Public Draft)

Identity as a Service for Public Safety Organizations

June 16, 2021
https://csrc.nist.gov/pubs/ir/8335/ipd

Abstract: On-demand access to public safety data is critical to ensuring that public safety and first responder (PSFR) personnel can protect life and property during an emergency. The increasing use of cloud technologies can improve data access but also causes authentication challenges. The objective of this...

Updates

NIST Releases the Open Security Controls Assessment Language (OSCAL) 1.0.0

June 10, 2021
https://csrc.nist.gov/news/2021/nist-releases-oscal-1-0-0

NIST's OSCAL 1.0.0 provides a stable release for wide-scale implementation.

Updates

Identity Federation for Public Safety: Draft NISTIR 8336 Available for Comment

June 9, 2021
https://csrc.nist.gov/news/2021/identity-federation-for-public-safety-draft-nistir

NIST's National Cybersecurity Center of Excellence (NCCoE) has released Draft NISTIR 8336, "Background on Identity Federation Technologies for the Public Safety Community." The public comment period ends July 26, 2021.

Updates

Ransomware Risk Management: Preliminary Draft NISTIR 8374 Available for Comment

June 9, 2021
https://csrc.nist.gov/news/2021/ransomware-risk-management-prelim-draft-nistir

NIST's National Cybersecurity Center of Excellence (NCCoE) has released Preliminary Draft NISTIR 8374, "Cybersecurity Framework Profile for Ransomware Risk Management." The public comment period is open through July 9, 2021.

Publications IR 8336 (Initial Public Draft)

Background on Identity Federation Technologies for the Public Safety Community

June 9, 2021
https://csrc.nist.gov/pubs/ir/8336/ipd

Abstract: This report provides the public safety and first responder (PSFR) community with a basic primer on identity federation—a form of trust relationship and partnership involving the verification of a claimed identity. Identity federation technologies can help public safety organizations (PSOs) to share...

Project Pages

References Associated with Vulnerability Disclosure

https://csrc.nist.gov/projects/vdg/related-guidance

References ISO/IEC 29147 International Organization for Standardization/International Electrotechnical Commission (2018) ISO/IEC 29147:2018 – Information technology – Security techniques – Vulnerability disclosure (ISO, Geneva, Switzerland). Available at https://www.iso.org/standard/72311.html ISO/IEC 30111 International Organization for Standardization/International Electrotechnical Commission (2019) ISO/IEC 30111:2019 – Information technology – Security techniques – Vulnerability handling processes (ISO, Geneva, Switzerland). Available at https://www.iso.org/standard/69725.html ISO/IEC...

Topics

Executive Order 14028

https://csrc.nist.gov/topics/laws-and-regulations/executive-documents/executive-order-14028

Improving the Nation's Cybersecurity (May 12, 2021). For more information, see this other NIST site.

Topics

Cybersecurity Enhancement Act

https://csrc.nist.gov/topics/laws-and-regulations/laws/cybersecurity-enhancement-act

Cybersecurity Enhancement Act of 2014 (Public Law 113-274; December 18, 2014)

Updates

Recommendations for Federal Vulnerability Disclosure Guidelines: Draft NIST SP 800-216 Available for Comment

June 7, 2021
https://csrc.nist.gov/news/2021/draft-federal-vulnerability-disclosure-guidelines

NIST invites comments on Draft NIST Special Publication (SP) 800-216, "Recommendations for Federal Vulnerability Disclosure Guidelines." The public comment period is open through August 9, 2021.

Updates

Migration to Post-Quantum Cryptography: Draft Project Description Available for Comment

June 4, 2021
https://csrc.nist.gov/news/2021/migration-to-pqc-draft-project-description

NIST's NCCoE has released a Draft Project Description, "Migration to Post-Quantum Cryptography." The public comment period is open through July 7, 2021.

Events

Enhancing Software Supply Chain Security: Workshop

June 2, 2021 - June 3, 2021
https://csrc.nist.gov/events/2021/enhancing-software-supply-chain-security-workshop

On June 2-3, NIST will host a virtual workshop to enhance the security of the software supply chain and to fulfill the President’s Executive Order (EO) 14028, Improving the Nation’s Cybersecurity, issued May 12, 2021. Among other things, Section 4 of EO 14028 directs the Secretary of Commerce, through NIST, to consult with federal agencies, the private sector, academia, and other stakeholders in identifying standards, tools, best practices, and other guidelines to enhance software supply chain security. Those standards and guidelines will be used by other agencies to govern the federal...

Updates

Using Mobile Device Biometrics for Authenticating First Responders: Draft NISTIR 8334 Available for Comment

June 2, 2021
https://csrc.nist.gov/news/2021/authenticating-first-responders-draft-nistir-8334

Draft NISTIR 8334, "Using Mobile Device Biometrics for Authenticating First Responders," is available for public comment through July 19, 2021.

Publications IR 8334 (Initial Public Draft)

Using Mobile Device Biometrics for Authenticating First Responders

June 2, 2021
https://csrc.nist.gov/pubs/ir/8334/ipd

Abstract: Many public safety organizations (PSOs) are adopting mobile devices, such as smartphones and tablets, to enable field access to sensitive information for first responders. Most recent mobile devices support one or more forms of biometrics for authenticating users. This report examines how first resp...

Updates

Hardware-Enabled Security: Draft NISTIR 8320 Available for Comment

May 27, 2021
https://csrc.nist.gov/news/2021/hardware-enabled-security-draft-nistir-8320

NIST's National Cybersecurity Center of Excellence (NCCoE) has released Draft NISTIR 8320, "Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases." The public comment period is open through June 30, 2021.

Events

Federal Cybersecurity & Privacy Professionals Forum Meeting - May 2021

May 26, 2021 - May 26, 2021
https://csrc.nist.gov/events/2021/the-forum-meeting-may-26-2021

Presentations & Speakers at a Glance: Security & Privacy Authorization: One Agency’s Tool Based Approach. Shawn Hartley, Chief Privacy Officer, PBGC and Sue-Schultz-Searcy, Assessment & Authorization Division Manager PBGC; and Security Automation with Open Security Controls Assessment Language. Dr. Michaela Iorga, OSCAL Strategic Outreach Director, NIST and David Waltermire, Lead Standards Architect for the Security Automation Program, NIST Cyber Security Assessment and Management (CSAM): Planning for Implementing SP 800-53, Revision 5. Ramon Burks and Adam Oline, Department of Justice...

Updates

NIST Cybersecurity Practice Guide SP 1800-15, Securing Small Business and Home IoT Devices: Mitigating Network-Based Attacks Using MUD

May 26, 2021
https://csrc.nist.gov/news/2021/mitigating-network-based-attacks-on-iot-devices-us

NIST has published a new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)."

Publications SP 1800-15 (Final)

Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)

May 26, 2021
https://csrc.nist.gov/pubs/sp/1800/15/final

Abstract: The goal of the Internet Engineering Task Force’s Manufacturer Usage Description (MUD) specification is for Internet of Things (IoT) devices to behave as the devices’ manufacturers intended. MUD provides a standard way for manufacturers to indicate the network communications that a device requires t...

Updates

Trusted IoT Device Network-Layer Onboarding and Lifecycle Management

May 20, 2021
https://csrc.nist.gov/news/2021/trusted-iot-device-onboarding-lcm-project

The National Cybersecurity Center of Excellence has published a final Project Description on "Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. This project will result in a NIST Cybersecurity Practice Guide.

Publications Project Description (Final)

Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management: Enhancing Internet Protocol-Based IoT Device and Network Security

May 20, 2021
https://csrc.nist.gov/pubs/pd/2021/05/20/trusted-iot-device-networklayer-onboarding-and-lcm/final

Abstract: Network-layer onboarding of an Internet of Things (IoT) device is the provisioning of network credentials to that device. The current lack of trusted IoT device onboarding processes leaves many networks vulnerable to having unauthorized devices connect to them. It also leaves devices vulnerable to b...

Updates

Data Classification Practices: Draft Project Description Available for Comment

May 19, 2021
https://csrc.nist.gov/news/2021/data-classification-practices-draft-project-descri

The NCCoE has released a draft project description on "Data Classification Practices: Facilitating Data-Centric Security." The public comment period is open through June 21, 2021.

<< first   < previous   11     12     13     14     15     16     17     18     19     20     21     22     23     24     25     26     27     28     29     30     31     32     33     34     35  next >  last >>