Publications
IR 8330 (Final)
November 17, 2020
https://csrc.nist.gov/pubs/ir/8330/final
Abstract: Smart home technologies may expose adopters to increased risk to network security, information privacy, and physical safety. However, users may lack understanding of the privacy and security implications, while devices fail to provide transparency and configuration options. This results in little me...
Publications
SP 800-181 Rev. 1 (Final)
November 16, 2020
https://csrc.nist.gov/pubs/sp/800/181/r1/final
Abstract: This publication from the National Initiative for Cybersecurity Education (NICE) describes the Workforce Framework for Cybersecurity (NICE Framework), a fundamental reference for describing and sharing information about cybersecurity work. It expresses that work as Task statements and describes Know...
Publications
IR 8286 (Final)
October 13, 2020
https://csrc.nist.gov/pubs/ir/8286/final
Abstract: The increasing frequency, creativity, and severity of cybersecurity attacks means that all enterprises should ensure that cybersecurity risk is receiving appropriate attention within their enterprise risk management (ERM) programs. This document is intended to help individual organizations within an...
Events
October 7, 2020 - October 7, 2020
https://csrc.nist.gov/events/2020/considerations-in-migrating-to-pqc-algorithms
(Updated: Friday, September 18, 2020): This workshop was rescheduled from August 24 to Wednesday, October 7. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop on Wednesday, October 7, 2020. The purpose of the workshop is to discuss the challenges and investigate the practical and implementable approaches to ease the migration from the current set of public key cryptographic algorithms to replacement algorithms that are resistant to quantum computer based attacks. This effort complements the NIST post-quantum cryptography (PQC)...
Publications
IR 8183 Rev. 1 (Final)
October 7, 2020
https://csrc.nist.gov/pubs/ir/8183/r1/final
Abstract: This document provides the Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The “Manufacturing Profile” of the CSF can be used as a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals a...
Events
October 5, 2020 - October 5, 2020
https://csrc.nist.gov/events/2020/workshop-on-the-automation-of-the-nist-cmvp
(Updated: Friday, September 18, 2020): This workshop was rescheduled from September 1 to Monday, October 5. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop on theAutomation of the NIST Cryptographic Module Validation Program (CMVP) on Monday, October 5, 2020. The number of cryptographic module validations has outstripped the available human resources for timely validation processing. This phenomenon is affecting all stakeholders participating in the CMVP (vendors, labs, and validators alike). The purpose of the workshop is to...
Events
September 25, 2020 - September 25, 2020
https://csrc.nist.gov/events/2020/challenges-with-encrypted-protocols
(Updated: Friday, September 18, 2020): This workshop was rescheduled from August 13 to Friday, September 25. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop to discuss compliance, operations, and security challenges with modern encrypted protocols on Friday, September 25, 2020. Deployment of these protocols, in particular TLS 1.3, can impact some organizations ability to meet their regulatory, security, and operational requirements. The workshop will investigate the practical and implementable approaches to help those industries...
Updates
September 23, 2020
https://csrc.nist.gov/news/2020/sp-800-53-revision-5-published
NIST Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," represents a multi-year effort to develop the next generation of controls needed to strengthen and support the Federal Government and critical infrastructure sectors.
Publications
SP 800-53 Rev. 5 (Final) (Withdrawn)
September 23, 2020
Withdrawn on December 10, 2020.
https://csrc.nist.gov/pubs/sp/800/53/r5/final
Abstract: This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural d...
Publications
SP 1800-11 (Final)
September 22, 2020
https://csrc.nist.gov/pubs/sp/1800/11/final
Abstract: Businesses face a near-constant threat of destructive malware, ransomware, malicious insider activities, and even honest mistakes that can alter or destroy critical data. These data corruption events could cause a significant loss to a company’s reputation, business operations, and bottom line. The...
Publications
SP 1800-21 (Final)
September 15, 2020
https://csrc.nist.gov/pubs/sp/1800/21/final
Abstract: Mobile devices provide access to vital workplace resources while giving employees the flexibility to perform their daily activities. Securing these devices is essential to the continuity of business operations. While mobile devices can increase efficiency and productivity, they can also leave sensi...
