Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 1151 through 1175 of 1405 matching records.
Publications ITL Bulletin (Final)

Combinatorial Testing for Cybersecurity and Reliability

May 12, 2016
https://csrc.nist.gov/pubs/itlb/2016/05/combinatorial-testing-for-cybersecurity-and-reliab/final

Abstract: This bulletin focuses on NIST's combinatorial testing work. Combinatorial testing is a proven method for more effective software testing at lower cost. The key insight underlying combinatorial testing's effectiveness resulted from a series of studies by NIST from 1999 to 2004. NIST research showed...

Publications Project Description (Initial Public Draft)

Securing Non-Credit Card, Sensitive Consumer Data: Consumer Data Security for the Retail Sector

May 9, 2016
https://csrc.nist.gov/pubs/pd/2016/05/09/securing-sensitive-consumer-data-noncc/ipd

Abstract: As a result of payment card industry standards and a strong understanding of the value of valid credit card information in the black market, the retail industry has already invested in security mechanisms to protect credit card data, also referred to as cardholder data. However, this cardholder data...

Publications Project Description (Final)

Data Integrity: Recovering from a destructive malware attack

May 9, 2016
https://csrc.nist.gov/pubs/pd/2016/05/09/data-integrity-recovering-from-malware/final

Abstract: Threats of destructive malware, malicious insider activity, and even honest mistakes create the imperative for organizations to be able to quickly recover from an event that alters or destroys any form of data (database records, system files, configurations, user files, application code, etc.). Orga...

Updates

Open Meeting of the Commission on Enhancing National Cybersecurity

May 6, 2016
https://csrc.nist.gov/news/2016/commission-on-enhancing-national-cybersecurity-(ma

The Commission on Enhancing National Cybersecurity (the “Commission”) will meet Monday, May 16, 2016, from 9:00 a.m. until 4:00 p.m. Eastern Time in Vanderbilt Hall at the New York University (NYU) School of Law

Updates

The Information Security and Privacy Advisory Board welcomes New Chair Christopher Boyer

April 26, 2016
https://csrc.nist.gov/news/2016/the-ispab-welcome-new-chair

A new chair, Christopher Boyer, was appointed to the National Institute of Standards and Technology (NIST) Information Security and Privacy Advisory Board (ISPAB). ...

Updates

NIST Released the final version of NISTIR 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags

April 25, 2016
https://csrc.nist.gov/news/2016/nist-released-the-final-version-of-nistir-8060

NIST is pleased to announce the release of NIST Interagency Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. This report provides an overview of the capabilities and usage of Software Identification (SWID)...

Updates

NIST requests comments on the second draft of Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing

April 21, 2016
https://csrc.nist.gov/news/2016/requests-comments-second-draft-of-sp-800-150

NIST requests comments on the Second Draft of Special Publication (SP) 800-150, Guide to Cyber Threat Information Sharing. This draft provides guidelines for establishing, participating in, and maintaining cyber threat information sharing relationships...

Publications CSWP 4 (Final)

Best Practices for Privileged User PIV Authentication

April 21, 2016
https://csrc.nist.gov/pubs/cswp/4/best-practices-for-privileged-user-piv-authenticat/final

Abstract: The Cybersecurity Strategy and Implementation Plan (CSIP), published by the Office of Management and Budget (OMB) on October 30, 2015, requires that federal agencies use Personal Identity Verification (PIV) credentials for authenticating privileged users. This will greatly reduce unauthorized access...

Updates

NIST Announces Release of Draft NISTIR 8071, LTE Architecture Overview and Security Analysis

April 12, 2016
https://csrc.nist.gov/news/2016/nist-announces-release-of-draft-nistir-8071

NIST requests comments on Draft NIST Internal Report (NISTIR) 8071, LTE Architecture Overview and Security Analysis. Cellular technology plays an increasingly large role in society as it has become the primary portal to the Internet for a large segment of the population. ...

Updates

Open Meeting of the Commission on Enhancing National Cybersecurity

April 7, 2016
https://csrc.nist.gov/news/2016/commission-on-enhancing-national-cybersecurity-(ap

The Commission on Enhancing National Cybersecurity will meet Thursday, April 14, 2016, from 1 p.m. until 4 p.m. Eastern Time.

Events

Cybersecurity Framework Workshop 2016

April 6, 2016 - April 7, 2016
https://csrc.nist.gov/events/2016/cybersecurity-framework-workshop-2016

Full Workshop Details Executive Order 13636, Improving Critical Infrastructure Cybersecurity, directed NIST to work with stakeholders to develop a voluntary framework for reducing cyber risks to critical infrastructure. Version 1.0 of the Cybersecurity Framework, released on February 12, 2014, was developed in an open manner with input from stakeholders in industry, academia, and government, including a public review and comment process, workshops, and other means of engagement. In the time since the Framework's publication, NIST's primary goals have been to raise awareness of the...

Publications Conference Paper (Final)

Performance Evaluation of Secure Industrial Control System Design: A Railway Control System Case Study

April 5, 2016
https://csrc.nist.gov/pubs/conference/2016/04/05/performance-eval-of-secure-ics-design-railway-cont/final

Conference: 11th Annual Cyber and Information Security Research Conference (CISRC '16) Abstract: Industrial control systems (ICS) are composed of sensors, actuators, control processing units, and communication devices all interconnected to provide monitoring and control capabilities. Due to the integral role of the networking infrastructure, such systems are vulnerable to cyber attacks. Indepth...

Publications Journal Article (Final)

Using a Capability Oriented Methodology to Build Your Cloud Ecosystem

March 31, 2016
https://csrc.nist.gov/pubs/journal/2016/03/using-capability-oriented-methodology-to-build-clo/final

Journal: IEEE Cloud Computing Magazine Abstract: Organizations often struggle to capture the necessary functional capabilities for each cloud-based solution adopted for their information systems. Identifying, defining, selecting, and prioritizing these functional capabilities and the security components that implement and enforce them is surprisin...

Events

FISSEA 29th Annual Conference

March 15, 2016 - March 16, 2016
https://csrc.nist.gov/events/2016/fissea-29th-annual-conference

29th Annual Conference March 15-16, 2016 The Quest for the Un-hackable Human: The Power of Cybersecurity Awareness and Training FISSEA Agenda with Presentation Links Conference Program Program focus: Awareness, Training, Education, and Certification issues New techniques for developing and conducting effective, meaningful training Workforce development Cybersecurity governance IG Metrics Internet of Things Social networking - social media Continuous Diagnostics and Mitigation (CDM) Training for the trainers Attendees gain: Big impact for low cost Networking opportunities...

Publications IR 8054 (Final)

NSTIC Pilots: Catalyzing the Identity Ecosystem

March 15, 2016
https://csrc.nist.gov/pubs/ir/8054/upd1/final

Abstract: Pilots are an integral part of the National Strategy for Trusted Identities in Cyberspace (NSTIC), issued by the White House in 2011 to encourage enhanced security, privacy, interoperability, and ease of use for online transactions. This document details summaries and outcomes of NSTIC pilots; in ad...

Publications SP 800-154 (Initial Public Draft)

Guide to Data-Centric System Threat Modeling

March 14, 2016
https://csrc.nist.gov/pubs/sp/800/154/ipd

Abstract: Threat modeling is a form of risk assessment that models aspects of the attack and defense sides of a particular logical entity, such as a piece of data, an application, a host, a system, or an environment. This publication examines data-centric system threat modeling, which is threat modeling that...

Publications Project Description (Final)

Domain Name System-Based Security for Electronic Mail

March 4, 2016
https://csrc.nist.gov/pubs/pd/2016/03/04/domain-name-systembased-security-for-electronic-ma/final

Abstract: The Domain Name System-Based Security for Electronic Mail project will produce a proof of concept security platform that will demonstrate trustworthy email exchanges across organizational boundaries. The product of the project will include authentication of mail servers, signing and encryption of em...

Updates

NIST Announces Release of Draft NISTIR 8103, Advanced Identity Workshop on Applying Measurement Science in the Identity Ecosystem: Summary and Next Steps

February 17, 2016
https://csrc.nist.gov/news/2016/nist-announces-release-of-draft-nistir-8103

On January 12-13, 2016 the Applied Cybersecurity Division (ACD) in the National Institute of Standards and Technology’s (NIST) Information Technology Laboratory hosted the “Applying Measurement Science in the Identity Ecosystem”...

Publications ITL Bulletin (Final)

Implementing Trusted Geolocation Services in the Cloud

February 17, 2016
https://csrc.nist.gov/pubs/itlb/2016/02/implementting-trusted-geolocation-services-in-the/final

Abstract: The bulletin summarizes the information presented in NISTIR 7904, "Trusted Geolocation in the Cloud: Proof of Concept Implementation". The publication explains security challenges involving Infrastructure as a Service (IaaS) cloud computing technologies and geolocation.

Updates

Views on the Framework for Improving Critical Infrastructure Cybersecurity

February 12, 2016
https://csrc.nist.gov/news/2016/framework-for-improving-critical-infrastructure-cy

The National Institute of Standards and Technology (NIST) is extending the period for submitting comments relating to the “Framework for Improving Critical Infrastructure Cybersecurity

Updates

A NIST Draft Whitepaper titled "Best Practices for Privileged User PIV Authentication" is available for public comment.

February 5, 2016
https://csrc.nist.gov/news/2016/bp-for-privileged-user-piv-authentication-publi

This draft white paper is a best practices guide. The paper is in response to the Cybersecurity Strategy and Implementation Plan (CSIP), published by the Office of Management and Budget (OMB) ...

Publications Journal Article (Final)

Learning Internet of Things Security "Hands-On"

February 3, 2016
https://csrc.nist.gov/pubs/journal/2016/02/learning-internet-of-things-security-handson/final

Journal: IEEE Security & Privacy Abstract: What can you glean from using inexpensive, off-the-shelf parts to create Internet of Things (IoT) use cases? As it turns out, a lot. The fast productization of IoT technologies is leaving users vulnerable to security and privacy risks.

<< first   < previous   33     34     35     36     37     38     39     40     41     42     43     44     45     46     47     48     49     50     51     52     53     54     55     56     57  next >  last >>