Search CSRC

Information Relevant to Cybersecurity

Smart Grid Cybersecurity Committee

SGCC

NICE

NCCIC

NCCoE

National Initiative for Cybersecurity Education

National Cybersecurity and Communications Integration Center

National Cybersecurity Center of Excellence

Device Cybersecurity Capability

Device Cybersecurity Capability Core Baseline

Degraded Cybersecurity State

cybersecurity event

Cybersecurity Incident

Cybersecurity Risk

Cybersecurity State

NIST Cybersecurity Role-based Training Study​ Presentation

Type: Presentation

NIST IoT Morning Coffee Session for Forum Members

The Federal Cybersecurity and Privacy Professionals Forum (formerly the Federal Computer Security Program Managers Forum) is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of system security and privacy information among federal, state, and local government, and higher education employees. The Forum maintains an extensive e-mail list and holds quarterly meetings to discuss current issues and items of interest to those responsible for protecting non-national security systems. For more information about the Forum and instructions...

Overview of SP 800-213 / 213A: IoT Device Cybersecurity Guidance for the Federal Government

Type: Presentation

Key NIST Resources and Activities

Focusing on federal agencies but also engaging with and providing resources useful to government at other levels as well as the private sector, NIST: Guidance on Software Supply Chain Security, under Executive Order 14028 Sections 4(c) and (d), focuses on the critical sub-discipline of Cybersecurity Supply Chain Risk Management (C-SCRM) from the lens of federal acquirers. It covers both existing and evolving standards, tools, and recommended practices. The guidance is co-located with related EO guidance under NIST’s purview and will be maintained online to more easily update guidance on...

NIST Releases Cybersecurity White Paper: Planning for a Zero Trust Architecture

NIST announces the publication of a Cybersecurity White Paper (CSWP), Planning for a Zero Trust Architecture: A Guide for Federal Administrators, which describes processes for migrating to a zero trust architecture using the NIST Risk Management Framework (RMF).

Planning for a Zero Trust Architecture: A Planning Guide for Federal Administrators

Abstract: NIST Special Publication 800-207 defines zero trust as a set of cybersecurity principles used when planning and implementing an enterprise architecture. These principles apply to endpoints, services, and data flows. Input and cooperation from various stakeholders in an enterprise is needed for a zer...

New EO Guidance for Cybersecurity Supply Chain Risk Management

NIST has released a revised publication, "Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations," NIST Special Publication 800-161r1.

Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

Abstract: Organizations are concerned about the risks associated with products and services that may potentially contain malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the supply chain. These risks are associated with an enterprise’s decr...

Software Security in Supply Chains

Abstract: The President’s Executive Order (EO) on “Improving the Nation’s Cybersecurity (14028)” issued on May 12, 2021, charges multiple agencies – including NIST – with enhancing cybersecurity through a variety of initiatives related to the security and integrity of the software supply chain. The EO acknowl...