Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 926 through 950 of 1412 matching records.
Publications Project Description (Final)

Securing the Industrial Internet of Things: Cybersecurity for Distributed Energy Resources

August 15, 2019
https://csrc.nist.gov/pubs/pd/2019/08/15/securing-the-iiot-cybersecurity-for-distributed-en/final

Abstract: This project explores several scenarios in which information exchanges among commercial- and utility-scale distributed energy resources (DERs) and electric distribution grid operations can be protected from certain cybersecurity compromises. Components of these infrastructures form what is commonly...

Publications Conference Paper (Final)

Security Awareness in Action: A Case Study [extended abstract]

August 11, 2019
https://csrc.nist.gov/pubs/conference/2019/08/11/security-awareness-in-action-a-case-study/final

Conference: 5th Workshop on Security Information Workers (WSIW 2019) Abstract: The in-progress case study will allow for examination of a security awareness team from several perspectives via a multi-faceted approach involving: 1) interviews of security awareness team members, managers in the team’s chain-of-command, and agency employees who receive the security awareness...

Updates

Situational Awareness for Electric Utilities: NIST Publishes Cybersecurity Practice Guide SP 1800-7

August 7, 2019
https://csrc.nist.gov/news/2019/nist-publishes-sp-1800-7

NIST has published Cybersecurity Practice Guide Special Publication (SP) 1800-7, "Situational Awareness for Electric Utilities."

Publications SP 1800-7 (Final)

Situational Awareness for Electric Utilities

August 7, 2019
https://csrc.nist.gov/pubs/sp/1800/7/final

Abstract: Through direct dialogue between NCCoE staff and members of the energy sector (composed mainly of electric power companies and those who provide equipment and/or services to them) it became clear that energy companies need to create and maintain a high level of visibility into their operating environ...

Publications SP 800-162 (Final)

Guide to Attribute Based Access Control (ABAC) Definition and Considerations

August 2, 2019
https://csrc.nist.gov/pubs/sp/800/162/upd2/final

Abstract: This document provides Federal agencies with a definition of attribute based access control (ABAC). ABAC is a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, i...

Publications IR 8204 (Final) (Withdrawn)

Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template

August 1, 2019

https://csrc.nist.gov/pubs/ir/8204/upd2/final

Abstract: This document provides instructions and definitions for completing the Cybersecurity Framework (CSF) Online Informative References (OLIR) spreadsheet template available for download at https://www.nist.gov/cyberframework/informative-references. This document is intended to assist developers of...

Updates

Core Cybersecurity Feature Baseline for Securable IoT Devices: Draft NISTIR 8259 Available for Comment

July 31, 2019
https://csrc.nist.gov/news/2019/draft-nistir-8259-available-for-comment

NIST has released Draft NISTIR 8259, "Core Cybersecurity Feature Baseline for Securable IoT Devices: A Starting Point for IoT Device Manufacturers," for public comment. The comment period closes on September 30, 2019.

Updates

Multifactor Authentication for E-Commerce: NIST Publishes Cybersecurity Practice Guide SP 1800-17

July 30, 2019
https://csrc.nist.gov/news/2019/nist-publishes-sp-1800-17

NIST has published Cybersecurity Practice Guide Special Publication (SP) 1800-17, "Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers"

Publications SP 1800-17 (Final)

Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers

July 30, 2019
https://csrc.nist.gov/pubs/sp/1800/17/final

Abstract: As retailers in the United States have adopted chip-and-signature and chip-and-PIN (personal identification number) point-of-sale (POS) security measures, there have been increases in fraudulent online card-not-present electronic commerce (e-commerce) transactions. The risk of increased fraudulent o...

Updates

Draft Cybersecurity Practice Guide--Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)

July 22, 2019
https://csrc.nist.gov/news/2019/nist-releases-draft-sp-1800-21-for-comment

The NCCoE has released Draft SP 1800-21, "Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)," for public comment. The comment period ends September 23, 2019.

Updates

Transport Layer Security (TLS) Server Certificate Management: Public Draft of SP 1800-16 Available for Comment

July 17, 2019
https://csrc.nist.gov/news/2019/nccoe-releases-draft-sp-1800-16-for-comment

The NCCoE has released Draft SP 1800-16, "Securing Web Transactions: Transport Layer Security (TLS) Server Certificate Management," for public comment. The comment period ends September 13, 2019.

Updates

Draft White Paper: A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems

July 9, 2019
https://csrc.nist.gov/news/2019/draft-white-paper-emerging-blockchain-idms

A draft NIST Cybersecurity White Paper, "A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems," is available for public comment until August 9, 2019.

Publications TN 2051 (Final)

Cybersecurity Framework Smart Grid Profile

July 9, 2019
https://csrc.nist.gov/pubs/tn/2051/final

Abstract: The Smart Grid Profile applies risk management strategies from the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) to the smart grid and will serve as a foundation for refinements to support new grid architectures. The Profile provides cybersecurity risk manag...

Publications IR 7298 Rev. 3 (Final)

Glossary of Key Information Security Terms

July 3, 2019
https://csrc.nist.gov/pubs/ir/7298/r3/final

Abstract: This publication describes an online glossary of terms used in National Institute of Standards and Technology (NIST) and Committee on National Security Systems (CNSS) publications. This glossary utilizes a database of terms extracted from NIST Federal Information Processing Standards (FIPS), t...

Updates

Protecting the Integrity of Internet Routing: NIST Publishes Cybersecurity Practice Guide SP 1800-14

June 28, 2019
https://csrc.nist.gov/news/2019/nist-publishes-sp-1800-14

NIST has published Special Publication 1800-14, Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation.

Updates

Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks: NISTIR 8228

June 25, 2019
https://csrc.nist.gov/news/2019/nist-publishes-nistir-8228

NIST has published NIST Interagency/Internal Report 8228, "Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks."

Publications IR 8228 (Final)

Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks

June 25, 2019
https://csrc.nist.gov/pubs/ir/8228/final

Abstract: The Internet of Things (IoT) is a rapidly evolving and expanding collection of diverse technologies that interact with the physical world. Many organizations are not necessarily aware of the large number of IoT devices they are already using and how IoT devices may affect cybersecurity and privacy r...

Updates

NCCoE Releases Two Data Confidentiality Draft Project Descriptions

June 24, 2019
https://csrc.nist.gov/news/2019/nccoe-releases-data-confidentiality-draft-project

The NCCoE at NIST has posted to data confidentiality draft project descriptions for public comment. Comments are due by July 29, 2019.

Publications Conference Paper (Final)

Motivating Cybersecurity Advocates: Implications for Recruitment and Retention

June 20, 2019
https://csrc.nist.gov/pubs/conference/2019/06/20/motivating-cybersecurity-advocates-recruitment-and/final

Conference: 55th ACM Conference on Computers and People Research (SIGMIS-CPR '19) Abstract: Given modern society's dependence on technological infrastructure vulnerable to cyber-attacks, the need to expedite cybersecurity adoption is paramount. Cybersecurity advocates are a subset of security professionals who promote, educate about, and motivate adoption of security best practices and tec...

Updates

NCCoE Posts Two Draft Project Descriptions to Support Small and Medium Businesses and to Secure Industrial Control Systems in the Manufacturing Sector

June 17, 2019
https://csrc.nist.gov/news/2019/nccoe-draft-project-descriptions-for-smbs-and-manu

The NCCoE has posted two draft Project Descriptions for public comment. Detecting and protecting against data integrity attacks in industrial control systems (ICS) closes July 25th. Continuous Monitoring (for small and medium businesses) is closes on July 26th.

Publications Project Description (Initial Public Draft)

Continuous Monitoring for IT Infrastructure: Techniques for auditing user activity and detecting irregular activity events within small and medium-size businesses

June 17, 2019
https://csrc.nist.gov/pubs/pd/2019/06/17/continuous-monitoring-for-it-infrastructure-for-sm/ipd

Abstract: Many organizations monitor business information technology (IT) infrastructure by manual inspection or computer-aided audits, which can result in after-the-fact detection of malicious-user access events. This project explores continuous monitoring capabilities that can effectively, efficiently, and...

Events

Security for IPv6 Enabled Enterprises

June 13, 2019 - June 13, 2019
https://csrc.nist.gov/events/2019/security-for-ipv6-enabled-enterprises

The National Cybersecurity Center of Excellence (NCCoE) will host a workshop on Security for IPv6 Enabled Enterprises on Thursday, June 13th at 8:30 a.m. in Rockville, MD. NIST’s NCCoE is developing a project plan to examine and demonstrate the state of security technologies and guidance specifications for IPv6 enabled enterprises. A primary focus of the workshop and subsequent NCCoE demonstration project is to examine the extent to which current commercially available security technologies can support wide scale deployment and use of IPv6 in a range of enterprise use case scenarios....

<< first   < previous   26     27     28     29     30     31     32     33     34     35     36     37     38     39     40     41     42     43     44     45     46     47     48     49     50  next >  last >>