Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 176 through 200 of 1250 matching records.
Events

Forum Meeting - December 5, 2023

December 5, 2023 - December 5, 2023
https://csrc.nist.gov/events/2023/forum-meeting-december-5-2023

The Federal Cybersecurity and Privacy Professionals Forum is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of system security and privacy information among federal, state, and local government, and higher education employees. The Forum maintains an extensive e-mail list and holds quarterly meetings to discuss current issues and items of interest to those responsible for protecting non-national security systems. For more information about the Forum and instructions on how to join, see: https://csrc.nist.gov/Projects/forum....

Project Pages

Learn. What is the CPRT?

https://csrc.nist.gov/projects/cprt/learn

NIST seeks to accelerate the adoption of our cybersecurity and privacy standards, guidelines, and frameworks by making it much easier for users of NIST products to identify, locate, compare, and customize content across NIST’s standards, guidelines, and practices. This will also add value to our existing NIST guidance by delivering human- and machine-consumable information. What is the Cybersecurity and Privacy Reference Tool (CPRT)? The CPRT provides a centralized, standardized, and modernized mechanism for managing reference datasets (and offers a consistent format for accessing reference...

Projects

Cybersecurity and Privacy Reference Tool

https://csrc.nist.gov/projects/cprt

Want to build your own cybersecurity guidance? This tool provides a simple way to access reference data from various NIST cybersecurity and privacy standards, guidelines, and Frameworks– downloadable in common formats (XSLS and JSON). Other News & Info Program News Get the scoop on what’s been happening with the CPRT program. More Contact Us Reach out via email with questions, ideas, or thoughts. Email

Project Pages

About

https://csrc.nist.gov/projects/cprt/about

Why are we doing this? NIST seeks to : Accelerate the adoption of our cybersecurity and privacy standards, guidelines, and frameworks by making it much easier for users of NIST products to identify, locate, compare, and customize content across NIST’s standards, guidelines, and practices. Add value to our existing reference datasets by delivering human- and machine-consumable reference datasets. The CPRT provides a centralized, standardized, and modernized mechanism for managing reference datasets, eventually creating the opportunity to correlate and establish relationships...

Project Pages

Key NIST Resource List

https://csrc.nist.gov/projects/cprt/resources

CPRT Roadmap Explore the CPRT Project Roadmap, a strategic guide delineating our three crucial phases. Mappings to NIST Documents Explore the process for developing and submitting standardized mappings that involve NIST cybersecurity and privacy publications. Cross-Reference Comparison Report Tool Browse and compare the mappings and crosswalks of industry standards and frameworks to existing NIST Publications. JSON and CSV downloadable content is available for additional customization of the generated reports.

Publications Conference Paper (Final)

The Design and Application of a Unified Ontology for Cyber Security

December 3, 2023
https://csrc.nist.gov/pubs/conference/2023/12/03/the-design-and-application-of-a-unified-ontology-f/final

Conference: 19th International Conference on Information and Systems Security (ICISS 2023) Abstract: Ontology enables semantic interoperability, making it highly valuable for cyber threat hunting. Community-driven frameworks like MITRE ATT&CK, D3FEND, ENGAGE, CWE and CVE have been developed to combat cyber threats. However, manually navigating these independent data sources is time-consuming an...

Updates

The NIST Phish Scale User Guide is Now Available!

November 20, 2023
https://csrc.nist.gov/news/2023/the-nist-phish-scale-user-guide-is-now-available

The National Institute of Standards and Technology Human-Centered Cybersecurity program is pleased to announce the release of the NIST Phish Scale User Guide.

Project Pages

Program News

https://csrc.nist.gov/projects/cprt/program-news

What have we been up to? Here are some of the latest updates… We are currently in Phase 1 of updating the CPRT roadmap tool. Stay tuned as NIST adds reference data from other publications to this tool and develops features to interact with the data in new ways in the future. Other key moments in NIST CPRT history: 01/19/2023 | Design Improvements were made to enhance user experience (including changes to design elements, linking capabilities, and catalog page updates) 07/20/2022 | NIST Special Publication SP 800-221A (initial public draft), Information and Communications Technology...

Updates

Just Released! Risk Management in the Enterprise: NIST SP 800-221 & NIST SP 800-221A

November 17, 2023
https://csrc.nist.gov/news/2023/just-released-nist-sp-800-221-nist-sp-800-221a

Today, NIST is issuing best practices on how to better integrate ICT risk programs into an overarching ERM portfolio—given special attention to coordination and communication across risk programs.

Publications SP 800-221 (Final)

Enterprise Impact of Information and Communications Technology Risk: Governing and Managing ICT Risk Programs Within an Enterprise Risk Portfolio

November 17, 2023
https://csrc.nist.gov/pubs/sp/800/221/final

Abstract: All enterprises should ensure that information and communications technology (ICT) risk receives appropriate attention within their enterprise risk management (ERM) programs. This document is intended to help individual organizations within an enterprise improve their ICT risk management (ICTRM). Th...

Publications SP 800-221A (Final)

Information and Communications Technology (ICT) Risk Outcomes: Integrating ICT Risk Management Programs with the Enterprise Risk Portfolio

November 17, 2023
https://csrc.nist.gov/pubs/sp/800/221/a/final

Abstract: The increasing frequency, creativity, and severity of technology attacks means that all enterprises should ensure that information and communications technology (ICT) risk is receiving appropriate attention within their enterprise risk management (ERM) programs. Specific types of ICT risk include, b...

Updates

Open for Public Comment: Draft NIST IR 8496 for Data Classification

November 15, 2023
https://csrc.nist.gov/news/2023/open-for-public-comment-draft-nist-ir-8496

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST IR 8496 for public comment. The comment period closes on January 9, 2024.

Publications IR 8496 (Initial Public Draft)

Data Classification Concepts and Considerations for Improving Data Collection

November 15, 2023
https://csrc.nist.gov/pubs/ir/8496/ipd

Abstract: Data classification is the process an organization uses to characterize its data assets using persistent labels so those assets can be managed properly. Data classification is vital for protecting an organization’s data at scale because it enables application of cybersecurity and privacy protection...

Publications TN 2276 (Final)

NIST Phish Scale User Guide

November 15, 2023
https://csrc.nist.gov/pubs/tn/2276/final

Abstract: Phishing cyber threats impact private and public sectors both in the United States and internationally. Embedded phishing awareness training programs, in which simulated phishing emails are sent to employees, are designed to prepare employees in these organizations to combat real-world phishing scen...

Updates

NIST issues SP 800-53 Release 5.1.1 in Cybersecurity and Privacy Reference Tool

November 7, 2023
https://csrc.nist.gov/news/2023/cybersecurity-and-privacy-reference-tool-update

NIST has issued SP 800-53 Release 5.1.1 in the Cybersecurity and Privacy Reference Tool (CPRT).

Project Pages

Federal Information Security Modernization Act (FISMA) Background

https://csrc.nist.gov/projects/risk-management/fisma-background

The suite of NIST information security risk management standards and guidelines is not a "FISMA Compliance checklist." Federal agencies, contractors, and other sources that use or operate a federal information system use the suite of NIST Risk Management standards and guidelines to develop and implement a risk-based approach to manage information security risk. FISMA emphasizes the importance of risk management. Compliance with applicable laws, regulations, executive orders, directives, etc. is a byproduct of implementing a robust, risk-based information security program. The NIST Risk...

Updates

NIST Invites Public Comments on SP 800-53 Controls and Plans Patch Release 5.1.1

October 17, 2023
https://csrc.nist.gov/news/2023/nist-invites-public-comments-on-sp-800-53-controls

NIST is issuing one new proposed control and two control enhancements with corresponding assessment procedures for an expedited 2-week public comment period for October 17–31, 2023.

Updates

NIST Publishes NIST IR 8473, Cybersecurity Framework Profile for Electric Vehicle Extreme Fast Charging Infrastructure

October 16, 2023
https://csrc.nist.gov/news/2023/nist-publishes-nist-ir-8473

The NIST NCCoE has published the final version of NIST Internal Report (NIST IR) 8473, Cybersecurity Framework Profile for Electric Vehicle Extreme Fast Charging Infrastructure.

<< first   < previous   1     2     3     4     5     6     7     8     9     10     11     12     13     14     15     16     17     18     19     20     21     22     23     24     25  next >  last >>