Publications
SP 800-167 (Final)
October 28, 2015
https://csrc.nist.gov/pubs/sp/800/167/final
Abstract: An application whitelist is a list of applications and application components that are authorized for use in an organization. Application whitelisting technologies use whitelists to control which applications are permitted to execute on a host. This helps to stop the execution of malware, unlicensed...
Publications
SP 1500-4 (Final) (Withdrawn)
October 22, 2015
Withdrawn on June 26, 2018.
https://csrc.nist.gov/pubs/sp/1500/4/final
Abstract: Big Data is a term used to describe the large amount of data in the networked, digitized, sensor-laden, information-driven world. While opportunities exist with Big Data, the data can overwhelm traditional technical approaches and the growth of data is outpacing scientific and technological advances...
Events
October 21, 2015 - October 23, 2015
https://csrc.nist.gov/events/2015/ispab-october-2015-meeting
(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Wednesday, October 21 NIST and NSA Future Plans for Quantum Resistant Cryptography Vincent M. Boyle, NSA Lily Chen, Computer Security Division, NIST Adrian Stanger, NSA Federal Government Cybersecurity: The 30-day Cybersecurity Sprint and the Marathon to Come Chris DeRusha, Office of Management and Budget (OMB) Presentation from National Highway Traffic Safety Administration (NHTSA) Cem Hatipoglu, National Highway Traffic Safety Administration (NHTSA) Discussion on Due Diligence on Cybersecurity,...
Publications
IR 7966 (Final)
October 15, 2015
https://csrc.nist.gov/pubs/ir/7966/final
Abstract: Users and hosts must be able to access other hosts in an interactive or automated fashion, often with very high privileges, for a variety of reasons, including file transfers, disaster recovery, privileged access management, software and patch management, and dynamic cloud provisioning. This is ofte...
Events
October 1, 2015 - October 2, 2015
https://csrc.nist.gov/events/2015/best-practices-in-cyber-supply-chain-risk-manageme
Full Details (Agenda, Case Studies & Workshop Briefings) On October 1-2, 2015, NIST will host a workshop to share information on Best Practices in Cyber Supply Chain Risk Management, which will provide insights on: State of practice in several industry sectors; Currently used tools, standards, and best practices; How to establish a business case for integrating cyber supply chain risk management into organization's overall risk management processes; How to communicate cyber supply chain concerns to executive leadership; Synergies between quality, continuity, cybersecurity and other...
Events
September 9, 2015 - September 11, 2015
https://csrc.nist.gov/events/2015/2015-cybersecurity-innovation-forum
The 2015 Cybersecurity Innovation Forum is a three-day event hosted by the National Institute of Standards and Technology, with participation from the National Security Agency, and the Department of Homeland Security. This event brings government and industry together to focus on current, emerging, and future challenges, technologies, projects, solutions, and research in trusted computing, security automation, and information sharing. The technical program covers four tracks: Trusted Computing Security Automation Cyber Information Sharing Research Tracks include lectures, panel...
Publications
SP 800-176 (Final)
August 20, 2015
https://csrc.nist.gov/pubs/sp/800/176/final
Abstract: Title III of the E-Government Act of 2002, entitled the Federal Information Security Management Act (FISMA) of 2002, requires NIST to prepare an annual public report on activities undertaken in the previous year, and planned for the coming year, to carry out responsibilities under this law. The prim...
