Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1101 through 1125 of 1405 matching records.
Updates

Proposed Update to the Framework for Improving Critical Infrastructure Cybersecurity

January 25, 2017
https://csrc.nist.gov/news/2017/request-for-comments-on-proposed-cybersecurity-fra

NIST requests comments on a proposed update to the Framework for Critical Infrastructure Cybersecurity (the "Framework"). The proposed update to the Framework is available for review at http://www.nist.gov/​cyberframework.Comments are due April 10, 2017.

Publications IR 8062 (Final)

An Introduction to Privacy Engineering and Risk Management in Federal Systems

January 4, 2017
https://csrc.nist.gov/pubs/ir/8062/final

Abstract: This document provides an introduction to the concepts of privacy engineering and risk management for federal systems. These concepts establish the basis for a common vocabulary to facilitate better understanding and communication of privacy risk within federal systems, and the effective implementat...

Publications SP 800-184 (Final)

Guide for Cybersecurity Event Recovery

December 22, 2016
https://csrc.nist.gov/pubs/sp/800/184/final

Abstract: In light of an increasing number of cybersecurity events, organizations can improve resilience by ensuring that their risk management processes include comprehensive recovery planning. Identifying and prioritizing organization resources helps to guide effective plans and realistic test scenarios. Th...

Publications SP 800-70 Rev. 3 (Final) (Withdrawn)

National Checklist Program for IT Products: Guidelines for Checklist Users and Developers

December 8, 2016

https://csrc.nist.gov/pubs/sp/800/70/r3/upd1/final

Abstract: A security configuration checklist is a document that contains instructions or procedures for configuring an information technology (IT) product to an operational environment, for verifying that the product has been configured properly, and/or for identifying unauthorized changes to the product. Usi...

Publications SP 800-179 (Final) (Withdrawn)

Guide to Securing Apple OS X 10.10 Systems for IT Professionals: A NIST Security Configuration Checklist

December 5, 2016

https://csrc.nist.gov/pubs/sp/800/179/final

Abstract: This publication assists IT professionals in securing Apple OS X 10.10 desktop and laptop systems within various environments. It provides detailed information about the security features of OS X 10.10 and security configuration guidelines. The publication recommends and explains tested, secure sett...

Publications Journal Article (Final)

Defeating Buffer Overflow: A Trivial but Dangerous Bug

December 1, 2016
https://csrc.nist.gov/pubs/journal/2016/12/defeating-buffer-overflow-a-trivial-but-dangerous/final

Journal: IT Professional Abstract: With the C programming language comes buffer overflows. Because it is unlikely that the use of C will stop any time soon, the authors present some ways to deal with buffer overflows—both how to detect and prevent them.

Publications IR 8151 (Final)

Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy

November 30, 2016
https://csrc.nist.gov/pubs/ir/8151/final

Abstract: The call for a dramatic reduction in software vulnerability is heard from multiple sources, recently from the February 2016 Federal Cybersecurity Research and Development Strategic Plan. This plan starts by describing well known risks: current systems perform increasingly vital tasks and are widely...

Publications Project Description (Final)

Mobile Application Single Sign-On: for Public Safety and First Responders

November 28, 2016
https://csrc.nist.gov/pubs/pd/2016/11/28/mobile-application-single-signon-for-psfr/final

Abstract: Mobile platforms offer a significant operational advantage to public safety stakeholders by giving them access to mission critical information and services while deployed in the field, during training and exercises, or participating in day-to-day business and preparations during non-emergency period...

Updates

NIST Released Draft Special Publication (SP) 800-187, Guide to LTE Security for public comment

November 21, 2016
https://csrc.nist.gov/news/2016/nist-released-draft-special-publication-(sp)-800-1

NIST invites comments on Draft NIST SP 800-187, Guide to LTE Security. Cellular technology plays an increasingly large role in society as it has become the primary portal to the Internet for a large segment of the population. One of the main drivers making this change possible is the deployment ...

Publications GCR 16-010 (Final)

Survey and New Directions for Physics-Based Attack Detection in Control Systems

November 21, 2016
https://csrc.nist.gov/pubs/gcr/16-010/final

Abstract: Monitoring the “physics” of control systems to detect attacks is a growing area of research. In its basic form a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements in order to identify potentially false contr...

Updates

NIST Announce the Release of NISTIR 7621 Revision 1, Small Business Information Security: The Fundamentals

November 14, 2016
https://csrc.nist.gov/news/2016/nist-announce-the-release-of-nistir-7621-revision

NIST released NISTIR 7621 Revision 1, Small Business Information Security: The Fundamentals. NIST developed this interagency report as a reference guideline about cybersecurity for small businesses...

Publications SP 800-160 (Final) (Withdrawn)

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems

November 14, 2016

https://csrc.nist.gov/pubs/sp/800/160/final

Abstract: With the continuing frequency, intensity, and adverse consequences of cyber-attacks, disruptions, hazards, and other threats to federal, state, and local governments, the military, businesses, and the critical infrastructure, the need for trustworthy secure systems has never been more important to t...

Publications IR 7621 Rev. 1 (Final)

Small Business Information Security: The Fundamentals

November 3, 2016
https://csrc.nist.gov/pubs/ir/7621/r1/final

Abstract: NIST developed this interagency report as a reference guideline about cybersecurity for small businesses. This document is intended to present the fundamentals of a small business information security program in non-technical language.

Updates

Draft Special Publication 800-181, NICE Cybersecurity Workforce Framework (NCWF) -- National Initiative for Cybersecurity Education (NICE)

November 2, 2016
https://csrc.nist.gov/news/2016/draft-special-publication-800-181

NIST is pleased to release the draft NICE Cybersecurity Workforce Framework (NCWF) - a reference resource that will allow our nation to more effectively identify, recruit, develop and maintain its cybersecurity talent...

Publications Journal Article (Final)

The Power of Qualitative Methods: Aha Moments in Exploring Cybersecurity and Trust

November 1, 2016
https://csrc.nist.gov/pubs/journal/2016/11/the-power-of-qualitative-methods-cybersecurity-and/final

Journal: User Experience Magazine Abstract: This article outlines our experience as a multi-disciplinary team studying user perceptions of and experiences with cybersecurity. We trace our journey from mutual skepticism, to understanding, to acceptance using illustrations from our data. We also discuss our learning along the way—including the...

Events

FCSM Forum - Oct 2017

October 26, 2016 - October 26, 2016
https://csrc.nist.gov/events/2016/federal-computer-security-managers-forum-octobe

Presentations & Speakers at a Glance: National Cybersecurity Center of Excellence (NCCoE) Overview, Bill Newhouse, NIST; Developing ISCM Assessment Methodology, Chad Baer, DHS. NOTE: FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS. REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP. SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT. The Federal Computer Security Program Managers Forum (the "Forum") is an informal group sponsored by the National Institute of Standards...

Publications Conference Paper (Final)

Limiting The Impact of Stealthy Attacks on Industrial Control Systems

October 24, 2016
https://csrc.nist.gov/pubs/conference/2016/10/24/limiting-the-impact-of-stealthy-attacks-on-ics/final

Conference: 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16) Abstract: While attacks on information systems have for most practical purposes binary outcomes (information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to cause a continuous spectrum in damages. Att...

Publications ITL Bulletin (Final)

Making Email Trustworthy

October 24, 2016
https://csrc.nist.gov/pubs/itlb/2016/10/making-email-trustworthy/final

Abstract: This bulletin summarizes the information presented in NIST SP 800-177, Trustworthy Email. This publication gives recommendations and guidelines for enhancing trust in email. This guideline applies to federal IT systems and will also be useful for any small or medium sized organizations.

Events

2016 HIPAA Conference

October 19, 2016 - October 20, 2016
https://csrc.nist.gov/events/2016/safeguarding-health-information-building-assuranc

NIST and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are pleased to co-host the 9th annual conference, Safeguarding Health Information: Building Assurance through HIPAA Security, on October 19-20, 2016 at the Capital Hilton, Washington, D.C. The conference will explore the current healthcare cybersecurity landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This event will highlight the present state of healthcare cybersecurity, and practical strategies, tips and techniques for implementing the HIPAA Security Rule....

Updates

NIST Released 2 Special Publications - Special Publication 800-178 and Special Publication 800-150

October 5, 2016
https://csrc.nist.gov/news/2016/special-publication-800-178-and-special-publicatio

Special Publication 800-178, A Comparison of ABAC Standards for Data Service Applications: XACML and NGAC and Special Publication 800-150, Guide to Cyber Threat Information Sharing ...

Updates

NIST Announce the Release of DRAFT NISTIR 8151, Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy

October 4, 2016
https://csrc.nist.gov/news/2016/nist-announce-the-release-of-draft-nistir-8151

NIST invites comments on Draft NIST Interagency Report (NISTIR) 8151, Dramatically Reducing Software Vulnerabilities -- Report to the White House Office of Science and Technology Policy.

Publications SP 800-150 (Final)

Guide to Cyber Threat Information Sharing

October 4, 2016
https://csrc.nist.gov/pubs/sp/800/150/final

Abstract: Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats. Cyber threat information includes indicators of compromise; tactics, techniques, and procedures used by threat actors; suggested actions to detect, contain, or prevent a...

Updates

Open Meeting of the Information Security and Privacy Advisory Board (ISPAB)

September 28, 2016
https://csrc.nist.gov/news/2016/open-meeting-of-the-ispab

The Information Security and Privacy Advisory Board (ISPAB) will meet October 26-28, 2016. All sessions will be open to the public.

<< first   < previous   33     34     35     36     37     38     39     40     41     42     43     44     45     46     47     48     49     50     51     52     53     54     55     56     57  next >  last >>