Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1126 through 1150 of 1425 matching records.
Publications Journal Article (Final)

Defeating Buffer Overflow: A Trivial but Dangerous Bug

December 1, 2016
https://csrc.nist.gov/pubs/journal/2016/12/defeating-buffer-overflow-a-trivial-but-dangerous/final

Journal: IT Professional Abstract: With the C programming language comes buffer overflows. Because it is unlikely that the use of C will stop any time soon, the authors present some ways to deal with buffer overflows—both how to detect and prevent them.

Publications IR 8151 (Final)

Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy

November 30, 2016
https://csrc.nist.gov/pubs/ir/8151/final

Abstract: The call for a dramatic reduction in software vulnerability is heard from multiple sources, recently from the February 2016 Federal Cybersecurity Research and Development Strategic Plan. This plan starts by describing well known risks: current systems perform increasingly vital tasks and are widely...

Publications Project Description (Final)

Mobile Application Single Sign-On: for Public Safety and First Responders

November 28, 2016
https://csrc.nist.gov/pubs/pd/2016/11/28/mobile-application-single-signon-for-psfr/final

Abstract: Mobile platforms offer a significant operational advantage to public safety stakeholders by giving them access to mission critical information and services while deployed in the field, during training and exercises, or participating in day-to-day business and preparations during non-emergency period...

Updates

NIST Released Draft Special Publication (SP) 800-187, Guide to LTE Security for public comment

November 21, 2016
https://csrc.nist.gov/news/2016/nist-released-draft-special-publication-(sp)-800-1

NIST invites comments on Draft NIST SP 800-187, Guide to LTE Security. Cellular technology plays an increasingly large role in society as it has become the primary portal to the Internet for a large segment of the population. One of the main drivers making this change possible is the deployment ...

Publications GCR 16-010 (Final)

Survey and New Directions for Physics-Based Attack Detection in Control Systems

November 21, 2016
https://csrc.nist.gov/pubs/gcr/16-010/final

Abstract: Monitoring the “physics” of control systems to detect attacks is a growing area of research. In its basic form a security monitor creates time-series models of sensor readings for an industrial control system and identifies anomalies in these measurements in order to identify potentially false contr...

Updates

NIST Announce the Release of NISTIR 7621 Revision 1, Small Business Information Security: The Fundamentals

November 14, 2016
https://csrc.nist.gov/news/2016/nist-announce-the-release-of-nistir-7621-revision

NIST released NISTIR 7621 Revision 1, Small Business Information Security: The Fundamentals. NIST developed this interagency report as a reference guideline about cybersecurity for small businesses...

Publications SP 800-160 (Final) (Withdrawn)

Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems

November 14, 2016

https://csrc.nist.gov/pubs/sp/800/160/final

Abstract: With the continuing frequency, intensity, and adverse consequences of cyber-attacks, disruptions, hazards, and other threats to federal, state, and local governments, the military, businesses, and the critical infrastructure, the need for trustworthy secure systems has never been more important to t...

Publications IR 7621 Rev. 1 (Final)

Small Business Information Security: The Fundamentals

November 3, 2016
https://csrc.nist.gov/pubs/ir/7621/r1/final

Abstract: NIST developed this interagency report as a reference guideline about cybersecurity for small businesses. This document is intended to present the fundamentals of a small business information security program in non-technical language.

Updates

Draft Special Publication 800-181, NICE Cybersecurity Workforce Framework (NCWF) -- National Initiative for Cybersecurity Education (NICE)

November 2, 2016
https://csrc.nist.gov/news/2016/draft-special-publication-800-181

NIST is pleased to release the draft NICE Cybersecurity Workforce Framework (NCWF) - a reference resource that will allow our nation to more effectively identify, recruit, develop and maintain its cybersecurity talent...

Publications Journal Article (Final)

The Power of Qualitative Methods: Aha Moments in Exploring Cybersecurity and Trust

November 1, 2016
https://csrc.nist.gov/pubs/journal/2016/11/the-power-of-qualitative-methods-cybersecurity-and/final

Journal: User Experience Magazine Abstract: This article outlines our experience as a multi-disciplinary team studying user perceptions of and experiences with cybersecurity. We trace our journey from mutual skepticism, to understanding, to acceptance using illustrations from our data. We also discuss our learning along the way—including the...

Events

FCSM Forum - Oct 2017

October 26, 2016 - October 26, 2016
https://csrc.nist.gov/events/2016/federal-computer-security-managers-forum-octobe

Presentations & Speakers at a Glance: National Cybersecurity Center of Excellence (NCCoE) Overview, Bill Newhouse, NIST; Developing ISCM Assessment Methodology, Chad Baer, DHS. NOTE: FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS. REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP. SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT. The Federal Computer Security Program Managers Forum (the "Forum") is an informal group sponsored by the National Institute of Standards...

Publications Conference Paper (Final)

Limiting The Impact of Stealthy Attacks on Industrial Control Systems

October 24, 2016
https://csrc.nist.gov/pubs/conference/2016/10/24/limiting-the-impact-of-stealthy-attacks-on-ics/final

Conference: 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16) Abstract: While attacks on information systems have for most practical purposes binary outcomes (information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to cause a continuous spectrum in damages. Att...

Publications ITL Bulletin (Final)

Making Email Trustworthy

October 24, 2016
https://csrc.nist.gov/pubs/itlb/2016/10/making-email-trustworthy/final

Abstract: This bulletin summarizes the information presented in NIST SP 800-177, Trustworthy Email. This publication gives recommendations and guidelines for enhancing trust in email. This guideline applies to federal IT systems and will also be useful for any small or medium sized organizations.

Events

2016 HIPAA Conference

October 19, 2016 - October 20, 2016
https://csrc.nist.gov/events/2016/safeguarding-health-information-building-assuranc

NIST and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are pleased to co-host the 9th annual conference, Safeguarding Health Information: Building Assurance through HIPAA Security, on October 19-20, 2016 at the Capital Hilton, Washington, D.C. The conference will explore the current healthcare cybersecurity landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This event will highlight the present state of healthcare cybersecurity, and practical strategies, tips and techniques for implementing the HIPAA Security Rule....

Updates

NIST Released 2 Special Publications - Special Publication 800-178 and Special Publication 800-150

October 5, 2016
https://csrc.nist.gov/news/2016/special-publication-800-178-and-special-publicatio

Special Publication 800-178, A Comparison of ABAC Standards for Data Service Applications: XACML and NGAC and Special Publication 800-150, Guide to Cyber Threat Information Sharing ...

Updates

NIST Announce the Release of DRAFT NISTIR 8151, Dramatically Reducing Software Vulnerabilities: Report to the White House Office of Science and Technology Policy

October 4, 2016
https://csrc.nist.gov/news/2016/nist-announce-the-release-of-draft-nistir-8151

NIST invites comments on Draft NIST Interagency Report (NISTIR) 8151, Dramatically Reducing Software Vulnerabilities -- Report to the White House Office of Science and Technology Policy.

Publications SP 800-150 (Final)

Guide to Cyber Threat Information Sharing

October 4, 2016
https://csrc.nist.gov/pubs/sp/800/150/final

Abstract: Cyber threat information is any information that can help an organization identify, assess, monitor, and respond to cyber threats. Cyber threat information includes indicators of compromise; tactics, techniques, and procedures used by threat actors; suggested actions to detect, contain, or prevent a...

Updates

Open Meeting of the Information Security and Privacy Advisory Board (ISPAB)

September 28, 2016
https://csrc.nist.gov/news/2016/open-meeting-of-the-ispab

The Information Security and Privacy Advisory Board (ISPAB) will meet October 26-28, 2016. All sessions will be open to the public.

Publications Project Description (Final)

Multifactor Authentication for e-Commerce: Online Authentication for the Retail Sector

September 20, 2016
https://csrc.nist.gov/pubs/pd/2016/09/20/multifactor-authentication-for-ecommerce/final

Abstract: As greater security control mechanisms are implemented at the point of sale, retailers in the U.S. may see a drastic increase in e-commerce fraud, similar to what has been widely observed in the United Kingdom and Europe following the rollout of Europay, MasterCard, and Visa (EMV) chip-and-PIN techn...

Events

Open Meeting of the Commission on Enhancing National Cybersecurity - September 2016

September 19, 2016
https://csrc.nist.gov/events/2016/open-meeting-of-the-commission-on-enhancing-nation

The Commission on Enhancing National Cybersecurity will meet Monday, September 19, 2016 from 9:00 a.m. until 5:00 p.m. Eastern Time at the American University Washington College of Law, Claudio Grossman Hall, Yuma Building. The primary purpose of the meeting is to discuss the challenges and opportunities for organizations and consumers in securing the digital economy. In particular, the meeting will address: (1) International concerns; (2) review of current state of cybersecurity; (3) growing and securing the digital economy; and (4) innovation and technology in the government. The meeting...

Publications IR 8103 (Final)

Advanced Identity Workshop on Applying Measurement Science in the Identity Ecosystem: Summary and Next Steps

September 19, 2016
https://csrc.nist.gov/pubs/ir/8103/final

Abstract: On January 12-13, 2016 the National Institute of Standards and Technology’s (NIST) Applied Cybersecurity Division (ACD) hosted the “Applying Measurement Science in the Identity Ecosystem” workshop to discuss the application of measurement science to digital identity management. This document summari...

Updates

NIST Releases Baldrige Cybersecurity Excellence Builder for Public Comment

September 15, 2016
https://csrc.nist.gov/news/2016/nist-releases-baldrige-cybersecurity-excellence-bu

NIST has released a draft of the Baldridge Cybersecurity Excellence Builder, a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts.

<< first   < previous   33     34     35     36     37     38     39     40     41     42     43     44     45     46     47     48     49     50     51     52     53     54     55     56     57  next >  last >>