Publications
SP 1800-8 (Final)
August 17, 2018
https://csrc.nist.gov/pubs/sp/1800/8/final
Abstract: Medical devices, such as infusion pumps, were once standalone instruments that interacted only with the patient or medical provider. However, today’s medical devices connect to a variety of healthcare systems, networks, and other tools within a healthcare delivery organization (HDO). Connecting devi...
Publications
SP 1800-1 (Final)
July 27, 2018
https://csrc.nist.gov/pubs/sp/1800/1/final
Abstract: Healthcare providers increasingly use mobile devices to receive, store, process, and transmit patient clinical information. According to our own risk analysis, discussed here, and in the experience of many healthcare providers, mobile devices can introduce vulnerabilities in a healthcare organizatio...
Publications
SP 1800-2 (Final)
July 13, 2018
https://csrc.nist.gov/pubs/sp/1800/2/final
Abstract: To protect power generation, transmission, and distribution, energy companies need to control physical and logical access to their resources, including buildings, equipment, information technology (IT), and operational technology (OT). They must authenticate authorized individuals to the devices and...
Publications
SP 800-203 (Final)
July 2, 2018
https://csrc.nist.gov/pubs/sp/800/203/final
Abstract: Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry out responsibilities under this law. The prim...
Events
June 27, 2018 - June 28, 2018
https://csrc.nist.gov/events/2018/sound-static-analysis-for-security-(ssas)-workshop
This two-day workshop focuses on decreasing software security vulnerabilities by orders of magnitude, using the strong guarantees that only sound static analysis can provide. The workshop is aimed at developers, managers and evaluators of security-critical projects, as well as researchers in cybersecurity. The program features experts on sound static analysis applied to security, around three theme topics: Analysis of legacy code, Use in new development, and Accountable software quality. Each topic will be introduced by a renowned international expert: David A. Wheeler from the...
Publications
SP 1500-4 Rev. 1 (Final) (Withdrawn)
June 26, 2018
Withdrawn on October 21, 2019.
https://csrc.nist.gov/pubs/sp/1500/4/r1/final
Abstract: Big Data is a term used to describe the large amount of data in the networked, digitized, sensor-laden, information-driven world. While opportunities exist with Big Data, the data can overwhelm traditional technical approaches and the growth of data is outpacing scientific and technological advances...
Publications
Journal Article (Final)
June 26, 2018
https://csrc.nist.gov/pubs/journal/2018/06/baseline-tailor/final
Journal: Journal of the National Institute of Standards and Technology Abstract: Baseline Tailor is an innovative web application for users of the National Institute of Standards and Technology (NIST) Cybersecurity Framework and Special Publication (SP) 800-53. Baseline Tailor makes the information in these widely referenced publications easily accessible to both security profes...
Publications
SP 800-171 Rev. 1 (Final) (Withdrawn)
June 7, 2018
Withdrawn on February 21, 2021.
https://csrc.nist.gov/pubs/sp/800/171/r1/upd3/final
Abstract: [The errata update includes minor editorial changes to selected CUI security requirements, some additional references and definitions, and a new appendix that contains an expanded discussion about each CUI requirement.] The protection of Controlled Unclassified Information (CUI) resident in nonfede...
