Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 876 through 900 of 1408 matching records.
Publications Project Description (Final)

5G Cybersecurity: Preparing a Secure Evolution to 5G

April 13, 2020
https://csrc.nist.gov/pubs/pd/2020/04/13/5g-cybersecurity-preparing-a-secure-evolution-to-5/final

Abstract: Cellular networks will be transitioning from 4G to 5G, and 5G networks will provide increased cybersecurity protections. This project will identify several 5G use case scenarios and demonstrate for each one how to strengthen the 5G architecture components to mitigate identified risks and meet indust...

Updates

IoT Device Characterization: Draft NIST White Paper on "Methodology for Characterizing Network Behavior of Internet of Things Devices"

April 1, 2020
https://csrc.nist.gov/news/2020/draft-white-paper-on-iot-device-characterization

NIST has released a Draft NIST Cybersecurity White Paper on "Methodology for Characterizing Network Behavior of Internet of Things Devices." The public comment period ends May 1, 2020.

Publications Project Description (Final)

Critical Cybersecurity Hygiene: Patching the Enterprise

March 30, 2020
https://csrc.nist.gov/pubs/pd/2020/03/30/critical-cybersecurity-hygiene-patching-the-enterp/final

Abstract: Cyber hygiene describes recommended mitigations for the small number of root causes responsible for many cybersecurity incidents. Implementing a few simple practices can address these common root causes. Patching is a particularly important component of cyber hygiene, but existing tools and processe...

Publications Project Description (Final)

Validating the Integrity of Computing Devices: Supply Chain Assurance

March 26, 2020
https://csrc.nist.gov/pubs/pd/2020/03/26/validating-the-integrity-of-servers-and-client-dev/final

Abstract: Product integrity and the ability to distinguish trustworthy products is a critical foundation of cyber supply chain risk management (C-SCRM). Authoritative information regarding the provenance and integrity of the components provides a strong basis for trust in a computing device, whether it is a c...

Updates

Integrating Cybersecurity and Enterprise Risk Management (ERM): Draft NISTIR 8286 Available for Comment

March 19, 2020
https://csrc.nist.gov/news/2020/nist-releases-draft-nistir-8286-for-comment

NIST is requesting comments on Draft NISTIR 8286, "Integrating Cybersecurity and Enterprise Risk Management (ERM)." The public comment period closes April 20, 2020.

Updates

Telework Cybersecurity Resources: New ITL Bulletin and Blog Posts

March 19, 2020
https://csrc.nist.gov/news/2020/telework-cybersecurity-itl-bulletin-blog-posts

NIST has published a new ITL Bulletin (March 2020) that addresses enterprise security solutions for telework, remote access, and BYOD. Also, a new Telework Cybersecurity summary is available on the CSRC homepage and will be updated as new resources are added for organizations and teleworkers.

Updates

Approaches for Federal Agencies to Use the Cybersecurity Framework: NIST Publishes NISTIR 8170

March 19, 2020
https://csrc.nist.gov/news/2020/approach-federal-agencies-to-use-cyberframework

NISTIR 8170, "Approaches for Federal Agencies to Use the Cybersecurity Framework," provides guidance on how to use the NIST Cybersecurity Framework in federal agencies, in conjunction with the current and planned suite of NIST security and privacy risk management publications.

Publications IR 8170 (Final) (Withdrawn)

Approaches for Federal Agencies to Use the Cybersecurity Framework

March 19, 2020

https://csrc.nist.gov/pubs/ir/8170/final

Abstract: The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a manner that complements the use of other NIST security and privacy risk management standards, guidelines, and practices. These examples incl...

Publications ITL Bulletin (Final)

Security for Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Solutions

March 18, 2020
https://csrc.nist.gov/pubs/itlb/2020/03/security-for-enterprise-telework-remote-access-and/final

Abstract: Today, many people are teleworking (also known as telecommuting), which is the ability of an organization's employees, contractors, business partners, vendors, and other users to perform work from locations other than the organization's facilities. Teleworkers use various client devices, such as des...

Updates

NIST Seeks Comments on Final Public Draft of SP 800-53 Revision 5: Security and Privacy Controls for Information Systems and Organizations

March 16, 2020
https://csrc.nist.gov/news/2020/nist-releases-fpd-sp-800-53-rev-5

NIST has released the Final Public Draft of Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," for public comment. Comments are due by May 29, 2020.

Publications SP 800-206 (Final)

Annual Report 2018: NIST/ITL Cybersecurity Program

March 13, 2020
https://csrc.nist.gov/pubs/sp/800/206/final

Abstract: Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry out responsibilities under this law. The prim...

Updates

Manufacturing Profile for Cybersecurity Framework Version 1.1: NIST Releases Draft NISTIR 8183 Rev. 1 for Comment

March 4, 2020
https://csrc.nist.gov/news/2020/nist-releases-draft-nistir-8183-rev-1-for-comment

NIST has released Draft NISTIR 8183 Rev. 1, "Cybersecurity Framework Version 1.1 Manufacturing Profile," for public comment. Comments are due by May 4, 2020.

Updates

NIST Publishes NISTIR 8287: A Roadmap for Successful Regional Alliances and Multi-stakeholder Partnerships to Build the Cybersecurity Workforce

February 25, 2020
https://csrc.nist.gov/news/2020/nist-publishes-nistir-8287-roadmap-for-cybersecuri

The National Initiative for Cybersecurity Education, led by the National Institute of Standards and Technology (NIST) is pleased to announce the NIST Internal Report (NISTIR) 8287: A Roadmap for....

Publications IR 8287 (Final)

A Roadmap for Successful Regional Alliances and Multistakeholder Partnerships to Build the Cybersecurity Workforce

February 20, 2020
https://csrc.nist.gov/pubs/ir/8287/final

Abstract: In September 2016, the National Initiative for Cybersecurity Education, led by the National Institute of Standards and Technology in the U.S. Department of Commerce, awarded funding for five pilot programs for Regional Alliances and Multistakeholder Partnerships to Stimulate (RAMPS) Cybersecurity Ed...

Publications Journal Article (Final)

Is Usable Security an Oxymoron?

February 12, 2020
https://csrc.nist.gov/pubs/journal/2020/02/is-usable-security-an-oxymoron/final

Journal: Computer (IEEE Computer) Abstract: Current multipronged cybersecurity measures require the active support and participation of users for their successful deployment. Although no formal definition of usable security exists, it is time to make it a reality for users.

Publications Project Description (Final)

Protecting Information and System Integrity in Industrial Control Systems Environments: Cybersecurity for the Manufacturing Sector

February 7, 2020
https://csrc.nist.gov/pubs/pd/2020/02/07/protecting-information-and-system-integrity-attack/final

Abstract: Manufacturing organizations that rely on industrial control systems (ICS) to monitor and control physical processes that produce goods for public consumption are facing an increasing number of cyber attacks. The U.S. Department of Homeland Security reports that the manufacturing industry is the seco...

Updates

NIST Special Publication 800-161 Revision 1, Pre-Draft Call for Comments

February 4, 2020
https://csrc.nist.gov/news/2020/nist-sp-800-161-rev-1-pre-draft-call-for-comments

NIST is initiating an update of Special Publication (SP) 800-161, "Supply Chain Risk Management Practices for Federal Information Systems and Organizations," seeking preliminary comments on possible clarifications, additions, and removal of information. Comments are due by February 28, 2020.

Updates

NIST Releases Draft NISTIR 8276 for Comment, “Key Practices in Cyber Supply Chain Risk Management: Observations from Industry,” and Publishes Cyber SCRM Case Studies

February 4, 2020
https://csrc.nist.gov/news/2020/cyber-scrm-draft-nistir-8276-and-case-studies

Draft NISTIR 8276, "Key Practices in Cyber Supply Chain Risk Management: Observations from Industry” is available for comment; the comment period closes March 4, 2020. Six new Case Studies in Cyber SCRM are also available, along with a "Summary of Findings and Recommendations."

Publications CSWP 11 (Final)

Case Studies in Cyber Supply Chain Risk Management: Summary of Findings and Recommendations

February 4, 2020
https://csrc.nist.gov/pubs/cswp/11/case-studies-in-c-scrm-summary-of-findings-and-rec/final

Abstract: This document is part of Case Studies in Cyber Supply Chain Risk Management-new research that builds on the CSD C-SCRM program's 2015 publications aimed at identifying how C-SCRM practices have evolved. For this case study series, NIST conducted interviews with 16 subject matter experts across a div...

Updates

NIST Seeks Comments on Draft Guidance for the National Cybersecurity Online References (OLIR) Program: Draft NISTIR 8278

January 24, 2020
https://csrc.nist.gov/news/2020/nist-releases-draft-nistir-8278-for-comment

NIST has released Draft NISTIR 8278, "National Cybersecurity Online References (OLIR) Program: Guidance for OLIR Users and Developers." Public comments are due by February 24, 2020.

Publications CSWP 10 (Final)

NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0

January 16, 2020
https://csrc.nist.gov/pubs/cswp/10/nist-privacy-framework-version-10/final

Abstract: This publication describes the voluntary NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Version 1.0). The Privacy Framework is a tool developed in collaboration with stakeholders intended to help organizations identify and manage privacy risk to build innova...

Updates

NIST Publishes "A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems"

January 14, 2020
https://csrc.nist.gov/news/2020/nist-publishes-cswp-on-emerging-blockchain-idms

NIST has published the Cybersecurity White Paper "A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems."

Updates

NIST Releases Second Draft of NISTIR 8259, "Recommendations for IoT Device Manufacturers"

January 7, 2020
https://csrc.nist.gov/news/2020/nist-releases-second-draft-of-nistir-8259

NIST has released the second public draft of NISTIR 8259, "Recommendations for IoT Device Manufacturers: Foundational Activities and Core Device Cybersecurity Capability Baseline." The public comment period ends February 7, 2020.

Publications Project Description (Final)

Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

December 5, 2019
https://csrc.nist.gov/pubs/pd/2019/12/05/detect-respond-to-and-recover-from-data-breaches/final

Abstract: An organization must protect its information from unauthorized access and disclosure. Data breaches large and small can have far-reaching operational, financial, and reputational impacts. The goal of this project is to provide a practical solution to detect, respond to, and recover from incidents th...

Publications Project Description (Final)

Data Confidentiality: Identifying and Protecting Assets and Data Against Data Breaches

December 5, 2019
https://csrc.nist.gov/pubs/pd/2019/12/05/identifying-and-protecting-assets-and-data-against/final

Abstract: An organization must protect its information from unauthorized access and disclosure. Data breaches large and small can have far-reaching operational, financial, and reputational impacts. The goal of this project is to provide a practical solution to identify and protect the confidentiality of an en...

<< first   < previous   24     25     26     27     28     29     30     31     32     33     34     35     36     37     38     39     40     41     42     43     44     45     46     47     48  next >  last >>