Events
September 10, 2019 - September 10, 2019
https://csrc.nist.gov/events/2019/c-scrm-validating-the-integrity-of-server-and-clie
On Tuesday, September 10, 2019, NIST’s National Cybersecurity Center of Excellence Supply Chain Assurance project team is having an Industry Day, starting at 8:30am. The purpose of this Industry Day is to identify the issues and challenges of Cyber Supply Chain Risk Management (C-SCRM) in enterprises as input to a potential NCCoE demonstration project. NIST starts the day by presenting its preliminary plans for this project. Then, there will be short presentations from a few stakeholders, sharing their views of the challenges enterprises face when verifying that their purchased computing...
Publications
SP 1800-12 (Final)
August 27, 2019
https://csrc.nist.gov/pubs/sp/1800/12/final
Abstract: Federal Information Processing Standards (FIPS) Publication 201-2, “Personal Identity Verification (PIV) of Federal Employees and Contractors,” establishes a standard for a PIV system based on secure and reliable forms of identity credentials issued by the federal government to its employees and con...
Publications
SP 1800-7 (Final)
August 7, 2019
https://csrc.nist.gov/pubs/sp/1800/7/final
Abstract: Through direct dialogue between NCCoE staff and members of the energy sector (composed mainly of electric power companies and those who provide equipment and/or services to them) it became clear that energy companies need to create and maintain a high level of visibility into their operating environ...
Publications
SP 800-162 (Final)
August 2, 2019
https://csrc.nist.gov/pubs/sp/800/162/upd2/final
Abstract: This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, i...
Publications
IR 8204 (Final) (Withdrawn)
August 1, 2019
Withdrawn on November 20, 2020.
https://csrc.nist.gov/pubs/ir/8204/upd2/final
Abstract: This document provides instructions and definitions for completing the Cybersecurity Framework (CSF) Online Informative References (OLIR) spreadsheet template available for download at https://www.nist.gov/cyberframework/informative-references. This document is intended to assist developers of...
Publications
SP 1800-17 (Final)
July 30, 2019
https://csrc.nist.gov/pubs/sp/1800/17/final
Abstract: As retailers in the United States have adopted chip-and-signature and chip-and-PIN (personal identification number) point-of-sale (POS) security measures, there have been increases in fraudulent online card-not-present electronic commerce (e-commerce) transactions. The risk of increased fraudulent o...
Publications
TN 2051 (Final)
July 9, 2019
https://csrc.nist.gov/pubs/tn/2051/final
Abstract: The Smart Grid Profile applies risk management strategies from the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) to the smart grid and will serve as a foundation for refinements to support new grid architectures. The Profile provides cybersecurity risk manag...
Publications
IR 7298 Rev. 3 (Final)
July 3, 2019
https://csrc.nist.gov/pubs/ir/7298/r3/final
Abstract: This publication describes an online glossary of terms used in National Institute of Standards and Technology (NIST) and Committee on National Security Systems (CNSS) publications. This glossary utilizes a database of terms extracted from NIST Federal Information Processing Standards (FIPS), t...
Publications
IR 8228 (Final)
June 25, 2019
https://csrc.nist.gov/pubs/ir/8228/final
Abstract: The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy r...
