Publications
SP 1800-25 (Final)
December 8, 2020
https://csrc.nist.gov/pubs/sp/1800/25/final
Abstract: Ransomware, destructive malware, insider threats, and even honest user mistakes present ongoing threats to organizations. Organizations’ data, such as database records, system files, configurations, user files, applications, and customer data, are all potential targets of data corruption, modificati...
Publications
IR 8278A (Final) (Withdrawn)
November 20, 2020
Withdrawn on February 26, 2024.
https://csrc.nist.gov/pubs/ir/8278/a/final
Abstract: The National Online Informative References (OLIR) Program is a NIST effort to facilitate subject matter experts in defining standardized Online Informative References (OLIRs), which are relationships between elements of their documents and elements of other documents like the NIST Cybersecurity Fram...
Publications
IR 8278 (Final) (Withdrawn)
November 20, 2020
Withdrawn on February 26, 2024.
https://csrc.nist.gov/pubs/ir/8278/final
Abstract: The National Online Informative References (OLIR) Program is a NIST effort to facilitate subject matter experts in defining standardized Online Informative References (OLIRs), which are relationships between elements of their documents and elements of other documents like the NIST Cybersecurity Fram...
Publications
IR 8330 (Final)
November 17, 2020
https://csrc.nist.gov/pubs/ir/8330/final
Abstract: Smart home technologies may expose adopters to increased risk to network security, information privacy, and physical safety. However, users may lack understanding of the privacy and security implications, while devices fail to provide transparency and configuration options. This results in little me...
Publications
SP 800-181 Rev. 1 (Final)
November 16, 2020
https://csrc.nist.gov/pubs/sp/800/181/r1/final
Abstract: This publication from the National Initiative for Cybersecurity Education (NICE) describes the Workforce Framework for Cybersecurity (NICE Framework), a fundamental reference for describing and sharing information about cybersecurity work. It expresses that work as Task statements and describes Know...
Publications
IR 8286 (Final) (Withdrawn)
October 13, 2020
Withdrawn on December 18, 2025.
https://csrc.nist.gov/pubs/ir/8286/final
Abstract: The increasing frequency, creativity, and severity of cybersecurity attacks means that all enterprises should ensure that cybersecurity risk is receiving appropriate attention within their enterprise risk management (ERM) programs. This document is intended to help individual organizations within an...
Events
October 7, 2020 - October 7, 2020
https://csrc.nist.gov/events/2020/considerations-in-migrating-to-pqc-algorithms
(Updated: Friday, September 18, 2020): This workshop was rescheduled from August 24 to Wednesday, October 7. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop on Wednesday, October 7, 2020. The purpose of the workshop is to discuss the challenges and investigate the practical and implementable approaches to ease the migration from the current set of public key cryptographic algorithms to replacement algorithms that are resistant to quantum computer based attacks. This effort complements the NIST post-quantum cryptography (PQC)...
Publications
IR 8183 Rev. 1 (Final)
October 7, 2020
https://csrc.nist.gov/pubs/ir/8183/r1/final
Abstract: This document provides the Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The “Manufacturing Profile” of the CSF can be used as a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals a...
Events
October 5, 2020 - October 5, 2020
https://csrc.nist.gov/events/2020/workshop-on-the-automation-of-the-nist-cmvp
(Updated: Friday, September 18, 2020): This workshop was rescheduled from September 1 to Monday, October 5. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop on theAutomation of the NIST Cryptographic Module Validation Program (CMVP) on Monday, October 5, 2020. The number of cryptographic module validations has outstripped the available human resources for timely validation processing. This phenomenon is affecting all stakeholders participating in the CMVP (vendors, labs, and validators alike). The purpose of the workshop is to...
Events
September 25, 2020 - September 25, 2020
https://csrc.nist.gov/events/2020/challenges-with-encrypted-protocols
(Updated: Friday, September 18, 2020): This workshop was rescheduled from August 13 to Friday, September 25. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop to discuss compliance, operations, and security challenges with modern encrypted protocols on Friday, September 25, 2020. Deployment of these protocols, in particular TLS 1.3, can impact some organizations ability to meet their regulatory, security, and operational requirements. The workshop will investigate the practical and implementable approaches to help those industries...
Updates
September 23, 2020
https://csrc.nist.gov/news/2020/sp-800-53-revision-5-published
NIST Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," represents a multi-year effort to develop the next generation of controls needed to strengthen and support the Federal Government and critical infrastructure sectors.
Publications
SP 800-53 Rev. 5 (Final) (Withdrawn)
September 23, 2020
Withdrawn on December 10, 2020.
https://csrc.nist.gov/pubs/sp/800/53/r5/final
Abstract: This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural d...
