Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 126 through 150 of 1250 matching records.
Events

Enhancing Security of Devices and Components

February 27, 2024 - February 27, 2024
https://csrc.nist.gov/events/2024/enhancing-security-of-devices-and-components

Agenda Introduction and Overview 9:00 – 9:25 ET Sanjay Rekhi - NIST Kevin Stine - NIST Hardware Development Lifecycle 9:30 – 10:30 ET Jonathan Ring – Office of the National Cyber Director Adam Golodner - Semiconductor Industry Association Matt Areno – Intel Michael Ogata – NIST 10:30 – 10:45 ET Break Metrology 10:45 – 11:45 ET Lok Yan – DARPA Mark Tehranipoor – University of Florida Jason Oberg – Cycuity, Inc. Nelson Hastings – NIST 11:45 – 12:45 ET Lunch...

Events

Forum Meeting - February 27, 2024

February 27, 2024 - February 27, 2024
https://csrc.nist.gov/events/2024/forum-meeting-february-27-2024

The Federal Cybersecurity and Privacy Professionals Forum is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of system security and privacy information among federal, state, and local government, and higher education employees. The Forum maintains an extensive e-mail list and holds quarterly meetings to discuss current issues and items of interest to those responsible for protecting non-national security systems. For more information about the Forum and instructions on how to join, see: https://csrc.nist.gov/Projects/forum....

Updates

The NIST Cybersecurity Framework (CSF) 2.0 is Here!

February 26, 2024
https://csrc.nist.gov/news/2024/the-nist-csf-20-is-here

The NIST Cybersecurity Framework (CSF) 2.0 is now available, along with many supplementary resources.

Publications IR 8477 (Final)

Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines: Developing Cybersecurity and Privacy Concept Mappings

February 26, 2024
https://csrc.nist.gov/pubs/ir/8477/final

Abstract: This document describes the National Institute of Standards and Technology’s (NIST’s) approach to mapping the elements of documentary standards, regulations, frameworks, and guidelines to a particular NIST publication, such as Cybersecurity Framework (CSF) Subcategories or SP 800-53r5 controls. This...

Publications SP 1303 (Initial Public Draft)

NIST Cybersecurity Framework 2.0: Enterprise Risk Management Quick-Start Guide

February 26, 2024
https://csrc.nist.gov/pubs/sp/1303/ipd

Abstract: This guide provides an introduction to using the NIST Cybersecurity Framework (CSF) 2.0 for planning and integrating an enterprise-wide process for integrating cybersecurity risk management information, as a subset of information and communications technology risk management, into enterprise risk ma...

Publications SP 1305 (Initial Public Draft)

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Cybersecurity Supply Chain Risk Management (C-SCRM)

February 26, 2024
https://csrc.nist.gov/pubs/sp/1305/ipd

Abstract: Use the CSF to Improve Your C-SCRM Processes. The CSF can help an organization become a smart acquirer and supplier of technology products and services. This guide focuses on two ways the CSF can help you: 1)Use the CSF’s GV.SC Category to establish and operate a C-SCRM capability. 2) Define and com...

Publications CSWP 32 (Initial Public Draft)

NIST Cybersecurity Framework 2.0: A Guide to Creating Community Profiles

February 26, 2024
https://csrc.nist.gov/pubs/cswp/32/nist-csf-20-a-guide-to-creating-community-profiles/ipd

Abstract: The NIST Cybersecurity Framework (CSF) 2.0 introduced the term “Community Profiles” to reflect the use of the CSF for developing use case-specific cybersecurity risk management guidance for multiple organizations. This guide provides considerations for creating and using Community Profiles to help i...

Publications IR 8278 Rev. 1 (Final)

National Online Informative References (OLIR) Program: Overview, Benefits, and Use

February 26, 2024
https://csrc.nist.gov/pubs/ir/8278/r1/final

Abstract: Information and communications technology (ICT) domains — such as cybersecurity, privacy, and Internet of Things (IoT) — have many requirements and recommendations made by national and international standards, guidelines, frameworks, and regulations. An Online Informative Reference (OLIR) provides a...

Publications IR 8278A Rev. 1 (Final)

National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers

February 26, 2024
https://csrc.nist.gov/pubs/ir/8278/a/r1/final

Abstract: The National Online Informative References (OLIR) Program is a NIST effort to facilitate standardized definitions of Online Informative References (OLIRs) by subject matter experts. OLIRs are relationships between elements of documents from cybersecurity, privacy, and other information and communica...

Publications CSWP 29 (Final)

The NIST Cybersecurity Framework (CSF) 2.0

February 26, 2024
https://csrc.nist.gov/pubs/cswp/29/the-nist-cybersecurity-framework-csf-20/final

Abstract: The NIST Cybersecurity Framework (CSF) 2.0 provides guidance to industry, government agencies, and other organizations to manage cybersecurity risks. It offers a taxonomy of high-level cybersecurity outcomes that can be used by any organization — regardless of its size, sector, or maturity — to bett...

Publications SP 1300 (Final)

NIST Cybersecurity Framework 2.0: Small Business Quick-Start Guide

February 26, 2024
https://csrc.nist.gov/pubs/sp/1300/final

Abstract: This guide provides small-to-medium sized businesses (SMB), specifically those who have modest or no cybersecurity plans in place, with considerations to kick-start their cybersecurity risk management strategy by using the NIST Cybersecurity Framework (CSF) 2.0. The guide also can assist other relat...

Publications SP 1301 (Final)

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Creating and Using Organizational Profiles

February 26, 2024
https://csrc.nist.gov/pubs/sp/1301/final

Abstract: This Quick-Start Guide gives an overview of creating and using organizational profiles for NIST CSF 2.0. An Organizational Profile describes an organization’s current and/or target cybersecurity posture in terms of cybersecurity outcomes from the Cybersecurity Framework (CSF) Core. Organizational Pr...

Publications SP 1299 (Final)

NIST Cybersecurity Framework 2.0: Resource and Overview Guide

February 26, 2024
https://csrc.nist.gov/pubs/sp/1299/final

Abstract: This brief report presents a high-level overview of the CSF 2.0 and provides links to relevant resources such as the CSF 2.0 specification and supporting Quick-Start Guides.

Publications SP 1302 (Initial Public Draft)

NIST Cybersecurity Framework 2.0: Quick-Start Guide for Using the CSF Tiers

February 26, 2024
https://csrc.nist.gov/pubs/sp/1302/ipd

Abstract: This Quick-Start Guide describes how to apply the CSF 2.0 Tiers. CSF Tiers can be applied to CSF Organizational Profiles to characterize the rigor of an organization’s cybersecurity risk governance and management outcomes. This can help provide context on how an organization views cybersecurity risk...

Publications SP 1800-28 (Final)

Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

February 23, 2024
https://csrc.nist.gov/pubs/sp/1800/28/final

Abstract: Attacks that target data are of concern to companies and organizations across many industries. Data breaches represent a threat that can have monetary, reputational, and legal impacts. This guide seeks to provide guidance concerning the threat of data breaches, exemplifying standards and technologie...

Publications SP 1800-29 (Final)

Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

February 23, 2024
https://csrc.nist.gov/pubs/sp/1800/29/final

Abstract: Attacks that target data are of concern to companies and organizations across many industries. Data breaches represent a threat that can have monetary, reputational, and legal impacts. This guide seeks to provide guidance around the threat of data breaches, exemplifying standards and technologies th...

Project Pages

Explainability, Verification, and Validation for Assured Autonomy and AI

https://csrc.nist.gov/projects/automated-combinatorial-testing-for-software/autonomous-systems-assurance/explainable-ai

Autonomous systems are increasingly seen in safety-critical domains, such as self-driving vehicles and autonomous aircraft. Unfortunately, methods developed for ultra-reliable software, such as avionics, depend on measures of structural coverage that do not apply to neural networks or other black-box functions often used in machine learning. This problem is recognized and teams are seeking solutions in aviation and other fields. As one notes, "How do we determine that the data gathered to train an AI system is suitably representative of the real world?[1]" This key question is currently...

<< first   < previous   1     2     3     4     5     6     7     8     9     10     11     12     13     14     15     16     17     18     19     20     21     22     23     24     25  next >  last >>