Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 701 through 725 of 1417 matching records.
Publications CSWP 21 (Final)

Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards

September 29, 2021
https://csrc.nist.gov/pubs/cswp/21/updated-mapping-between-nist-csf-and-nerc-cip-stan/final

Abstract: This white paper highlights a recent mapping effort between the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards and the NIST Cybersecurity Framework. Mappings of these two frameworks have been performed in the past; this effort updated the ma...

Updates

New Online Tool to Improve Stakeholder Engagement with SP 800-53

September 28, 2021
https://csrc.nist.gov/news/2021/new-online-tool-for-engaging-with-sp-800-53

A new SP 800-53 controls Public Comment Site is now available for interacting with, downloading, and submitting security and privacy controls, baselines, and assessments.

Publications SP 800-214 (Final)

2020 Cybersecurity and Privacy Annual Report

September 28, 2021
https://csrc.nist.gov/pubs/sp/800/214/final

Abstract: This Annual Report provides the opportunity to describe the many cybersecurity program highlights and accomplishments from throughout the NIST Information Technology Laboratory (ITL). The report is organized into several focus areas that highlight key research topics and highlights.

Updates

Building a Cybersecurity and Privacy Awareness and Training Program | Call for Comments

September 21, 2021
https://csrc.nist.gov/news/2021/pre-draft-call-for-comments-sp-800-50

NIST plans to revise Special Publication (SP) 800-50 and potentially consolidate it with NIST SP 800-16 to create SP 800-50 Revision 1, "Building a Cybersecurity and Privacy Awareness and Training Program." A call for comments is open through November 5, 2021.

Updates

Securing the IIoT—Cybersecurity for Distributed Energy Resources: Draft SP 1800-32 Available for Comment

September 21, 2021
https://csrc.nist.gov/news/2021/draft-sp-1800-32-available-for-comment

NIST’s National Cybersecurity Center of Excellence (NCCoE) has released a draft of NIST Special Publication (SP) 1800-32, Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources.

Events

Federal Cybersecurity & Privacy Professionals Forum Meeting

September 14, 2021 - September 14, 2021
https://csrc.nist.gov/events/2021/federal-cybersecurity-privacy-professionals-forum

Presentations & Speakers at a Glance: Updates from the Office of Management and Budget on Executive Order (EO) 14028, Steven McAndrews; EO 14028, Updates from CISA on Coordination Activities, Harry Mourtos, CISA; and EO 14028, Updates from NIST on Supply Chain Risk Management and Critical Software, Jon Boyens, Barbara Guttman, and Karen Scarfone. NOTE: FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS. REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP. SUPPORT CONTRACTORS MUST INDICATE THE...

Publications IR 8379 (Final)

Summary Report for the Virtual Workshop Addressing Public Comment on NIST Cybersecurity for IoT Guidance

September 9, 2021
https://csrc.nist.gov/pubs/ir/8379/final

Abstract: This report summarizes the feedback received on the work of the NIST Cybersecurity for IoT program on device cybersecurity at a virtual workshop conducted April 22, 2021. NIST conducted the “Workshop Addressing Public Comment on NIST Cybersecurity for IoT Guidance” to discuss and gather community in...

Updates

Ransomware Risk Management: Draft NISTIR 8374 Available for Comment

September 8, 2021
https://csrc.nist.gov/news/2021/draft-nistir-8374-ransomware-risk-management

The public comment period for Draft NISTIR 8374, "Ransomware Risk Management," is open through October 8, 2021

Updates

Prioritizing Cybersecurity Risk for Enterprise Risk Management: Draft NISTIR 8286B Available for Comment

September 1, 2021
https://csrc.nist.gov/news/2021/draft-nistir-8286b-prioritizing-cyber-risk-for-erm

The public comment period for Draft NISTIR 8286B, "Prioritizing Cybersecurity Risk for Enterprise Risk Management," is open through October 15, 2021.

Updates

Validating the Integrity of Computing Devices: Preliminary Draft of SP 1800-34B Available for Comment

August 31, 2021
https://csrc.nist.gov/news/2021/prelim-draft-sp-1800-34-volume-b

The NCCoE has released a preliminary draft of NIST Special Publication (SP) 1800-34 Volume B, and the comment period is open through September 29, 2021.

Updates

Mitigating Cybersecurity Risk in Telehealth Smart Home Integration: Draft Project Description Available for Comment

August 31, 2021
https://csrc.nist.gov/news/2021/draft-mitigating-cyber-risk-telehealth-smart-home

The NCCoE has released a Draft Project Description on "Mitigating Cybersecurity Risk in Telehealth Smart Home Integration." The public comment period is open through October 4, 2021.

Updates

IoT Non-Technical Supporting Capability Core Baseline: NISTIR 8259B

August 25, 2021
https://csrc.nist.gov/news/2021/iot-non-tech-supporting-capability-core-baseline

NIST has published NISTIR 8259B, "IoT Non-Technical Supporting Capability Core Baseline," to complement the technical abilities defined in NISTIR 8259A, "Core Device Cybersecurity Capability Baseline."

Updates

Mobile Application Single Sign-On for First Responders: NIST SP 1800-13

August 25, 2021
https://csrc.nist.gov/news/2021/mobile-application-single-sign-on-first-responders

NIST Special Publication (SP) 1800-13, "Mobile Application Single Sign-On: Improving Authentication for Public Safety First Responders," is now available.

Publications IR 8259B (Final)

IoT Non-Technical Supporting Capability Core Baseline

August 25, 2021
https://csrc.nist.gov/pubs/ir/8259/b/final

Abstract: Non-technical supporting capabilities are actions a manufacturer or third-party organization performs in support of the cybersecurity of an IoT device. This publication defines an Internet of Things (IoT) device manufacturers’ non-technical supporting capability core baseline, which is a set of non-...

Publications IR 8170 (Final)

Approaches for Federal Agencies to Use the Cybersecurity Framework

August 17, 2021
https://csrc.nist.gov/pubs/ir/8170/upd1/final

Abstract: The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a manner that complements the use of other NIST security and privacy risk management standards, guidelines, and practices. These examples incl...

Publications Conference Paper (Final)

It's the Company, the Government, You and I: User Perceptions of Responsibility for Smart Home Privacy and Security

August 11, 2021
https://csrc.nist.gov/pubs/conference/2021/08/11/perceptions-of-responsibility-smart-home-privacy-a/final

Conference: 30th USENIX Security Symposium Abstract: Smart home technology exposes adopters to increased risk to network security, information privacy, and physical safety. However, users may lack understanding of the privacy and security implications. Additionally, manufacturers often fail to provide transparency and configuration options, and few go...

Publications SP 1271 (Final)

Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide

August 6, 2021
https://csrc.nist.gov/pubs/sp/1271/final

Abstract: This document intends to provide direction and guidance to those organizations – in any sector or community – seeking to improve cybersecurity risk management via utilization of the NIST Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework or the Framework). Cyberse...

Updates

Planning for a Zero Trust Architecture: Draft Cybersecurity White Paper Available for Comment

August 4, 2021
https://csrc.nist.gov/news/2021/planning-for-a-zero-trust-architecture-draft-cyber

A new draft NIST Cybersecurity White Paper on "Planning for a Zero Trust Architecture" is available for comment through September 3, 2021.

Updates

Migration to Post-Quantum Cryptography: Project Description Released

August 4, 2021
https://csrc.nist.gov/news/2021/migration-to-post-quantum-cryptography-proj-desc

The National Cybersecurity Center of Excellence has released a final project description for "Migration to Post-Quantum Cryptography."

Publications Project Description (Final)

Migration to Post-Quantum Cryptography

August 4, 2021
https://csrc.nist.gov/pubs/pd/2021/08/04/migration-to-postquantum-cryptography/final

Abstract: The NIST National Cybersecurity Center of Excellence (NCCoE) is initiating the development of practices to ease the migration from the current set of public-key cryptographic algorithms to replacement algorithms that are resistant to quantum computer-based attacks. These practices will take the form...

Publications Conference Paper (Final)

Exploring Government Security Awareness Programs: A Mixed-Methods Approach

August 3, 2021
https://csrc.nist.gov/pubs/conference/2021/08/03/exploring-government-security-awareness-programs-a/final

Conference: 7th Workshop on Security Information Workers (WSIW 2021) Abstract: Organizational security awareness programs are often underfunded and rely on part-time security awareness professionals who may lack sufficient background, skills, or resources necessary to manage an effective and engaging program. U.S. government organizations, in particular, face challenges due to...

Updates

Data Classification Practices: Final Project Description Released

July 22, 2021
https://csrc.nist.gov/news/2021/data-classification-practices-final-pd

NIST's National Cybersecurity Center of Excellence has released a final Project Description on data classification practices.

Publications Project Description (Final)

Data Classification Practices: Facilitating Data-Centric Security Management

July 22, 2021
https://csrc.nist.gov/pubs/pd/2021/07/22/data-classification-practices-datacentric-security/final

Abstract: As part of a zero trust approach, data-centric security management aims to enhance protection of information (data) regardless of where the data resides or who it is shared with. Data-centric security management necessarily depends on organizations knowing what data they have, what its cha...

Updates

Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management: 2nd Public Draft of NISTIR 8286A Available for Comment

July 6, 2021
https://csrc.nist.gov/news/2021/identifying-estimating-cybersecurity-risk-for-erm

A second public draft of NISTIR 8286A is available: "Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management." The comment period is open through August 6, 2021.

Publications Journal Article (Final)

Cybersecurity Advocates: Force Multipliers in Security Behavior Change

July 5, 2021
https://csrc.nist.gov/pubs/journal/2021/07/cybersecurity-advocates-force-multipliers-in-secur/final

Journal: IEEE Security & Privacy Abstract: Cybersecurity advocates motivate individuals and organizations to adopt positive security behaviors. Based on our research, we describe qualities of successful advocates. Our findings have practical implications for expanding the cybersecurity workforce by recruiting and developing professionals who...

<< first   < previous   17     18     19     20     21     22     23     24     25     26     27     28     29     30     31     32     33     34     35     36     37     38     39     40     41  next >  last >>