Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 551 through 575 of 1222 matching records.
Updates

Considerations for Digital Twin Technology and Emerging Standards: Draft NISTIR 8356 Available for Comment

April 16, 2021
https://csrc.nist.gov/news/2021/draft-nistir-8356-digital-twin-technology

Draft NISTIR 8356, "Considerations for Digital Twin Technology and Emerging Standards," is now available for public comment through June 16, 2021.

Publications IR 8356 (Initial Public Draft)

Considerations for Digital Twin Technology and Emerging Standards

April 16, 2021
https://csrc.nist.gov/pubs/ir/8356/ipd

Abstract: Digital twin technology enables the creation of electronic representations of real-world entities and the viewing of the state of those entities. Its full vision will require standards that have not yet been developed. It is relatively new although it uses many existing foundational technologies and...

Updates

Automation of the Cryptographic Module Validation Program (CMVP)

April 12, 2021
https://csrc.nist.gov/news/2021/automation-of-the-cmvp

The NCCoE is requesting comments on a new Draft Project Description, "Automation of the Cryptographic Module Validation Program (CMVP)." Public comments may be submitted through May 12, 2021.

Updates

Securing Property Management Systems: Cybersecurity Practice Guide SP 1800-27

March 30, 2021
https://csrc.nist.gov/news/2021/securing-property-management-systems-sp-1800-27

NIST's NCCoE has published Cybersecurity Practice Guide SP 1800-27, "Securing Property Management Systems."

Publications SP 1800-27 (Final)

Securing Property Management Systems

March 30, 2021
https://csrc.nist.gov/pubs/sp/1800/27/final

Abstract: Hotels have become targets for malicious actors wishing to exfiltrate sensitive data, deliver malware, or profit from undetected fraud. Property management systems, which are central to hotel operations, present attractive attack surfaces. This example implementation strives to increase the cybersec...

Updates

Cybersecurity Framework Election Infrastructure Profile: Draft NISTIR 8310 Available for Comment

March 29, 2021
https://csrc.nist.gov/news/2021/draft-nistir-8310-election-infrastructure-profile

A new draft NISTIR 8310, "Cybersecurity Framework Election Infrastructure Profile," is available for public comment through May 14, 2021.

Publications IR 8333 (Final)

Workshop Summary Report for “Cybersecurity Risks in Consumer Home Internet of Things (IoT) Products” Virtual Workshop

March 29, 2021
https://csrc.nist.gov/pubs/ir/8333/final

Abstract: This report provides a summary of the discussion and findings from the NIST Cybersecurity Risks in Consumer Home Internet of Things (IoT) Devices virtual workshop in October 2020. NIST Interagency Report (NISTIR) 8259, Foundational Cybersecurity Activities for IoT Device Manufacturers, and NISTIR 82...

Publications Journal Article (Final)

Cybersecurity Advocates: Discovering the Characteristics and Skills for an Emergent Role

March 22, 2021
https://csrc.nist.gov/pubs/journal/2021/03/cybersecurity-advocates-discovering-the-characteri/final

Journal: Information and Computer Security Abstract: Purpose:Cybersecurity advocates safeguard their organizations by promoting security best practices. However, little is known about what constitutes successful advocacy.Methodology:We conducted 28 in-depth interviews of cybersecurity advocates.Findings:Effective advocates not only possess technical a...

Publications Journal Article (Final)

Cybersecurity Standards and Guidelines to Assist Small and Medium-Sized Manufacturers

March 18, 2021
https://csrc.nist.gov/pubs/journal/2021/03/cybersecurity-stnds-guidelines-assist-small-medium/final

Journal: USNC Current Abstract: For many industrial control systems (ICS), it is unacceptable to degrade performance even for the sake of security. As a result, many organizations such as small and medium-size manufacturers (SMMs) may have difficulty with understanding how to implement cybersecurity standards in ICS environments....

Updates

NICE Framework Competencies: Draft NISTIR 8355 Available for Comment

March 17, 2021
https://csrc.nist.gov/news/2021/nice-framework-competencies-draft-nistir-8355

Draft NISTIR 8355, "NICE Framework Competencies: Assessing Learners for Cybersecurity Work," is available for comment through May 3, 2021.

Updates

Trusted IoT Device Network-Layer Onboarding and Lifecycle Management: Draft Project Description

March 16, 2021
https://csrc.nist.gov/news/2021/draft-trusted-iot-device-onboarding-lcm

The National Cybersecurity Center of Excellence has released a Draft Project Description on Trusted IoT Device Network-Layer Onboarding and Lifecycle Management. The public comment period is open through April 21, 2021.

Publications Journal Article (Final)

Pandemic Parallels: What Can Cybersecurity Learn From COVID-19?

March 15, 2021
https://csrc.nist.gov/pubs/journal/2021/03/pandemic-parallels-what-can-cybersecurity-learn-fr/final

Journal: Computer (IEEE Computer) Abstract: While the threats may appear to be vastly different, further investigation reveals that the cybersecurity community can learn much from the COVID-19 messaging response.

Updates

Addressing Visibility Challenges with TLS 1.3: Draft Project Description Available for Comment

February 26, 2021
https://csrc.nist.gov/news/2021/addressing-visibility-challenges-with-tls-1-3

The NCCoE is requesting comments on a new Draft Project Description, "Addressing Visibility Challenges with TLS 1.3." Public comments may be submitted through March 29, 2021.

Events

Federal Cybersecurity & Privacy Forum - Feb 2021

February 23, 2021 - February 23, 2021
https://csrc.nist.gov/events/2021/fcsm-forum-february-2021

Presentations & Speakers at a Glance: NIST Cyber Risk Scoring Program Overview, Sheldon Pratt, IT Security Assessor, & Santi Kiran, IT Security Assessor, NIST; and Threat-based Risk Profiling Methodology, Zach Baldwin, FedRAMP, Program Manager for Strategy, Innovation, and Technology, GSA, and Tom Volpe, Principal and Subject Matter Expert, VITG NOTE: FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS. REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP. SUPPORT CONTRACTORS MUST INDICATE THE AGENCY...

Project Pages

Security testing

https://csrc.nist.gov/projects/automated-combinatorial-testing-for-software/cybersecurity-testing-1/security-testing

The tools distributed here are used extensively in testing for security vulnerabilities. Survey article: Simos, D. E., Kuhn, R., Voyiatzis, A. G., & Kacker, R. (2016). Combinatorial Methods in Security Testing. IEEE Computer, 49(10), 80-83. Introduces CT-based approaches for security testing and presents our case studies and experiences so far. The success of the presented research program motivates further intensive research on the field of combinatorial security testing. In particular, security testing for the Internet of Things (IoT) is an area where these approaches may prove...

Updates

NIST's Key Practices in Cyber Supply Chain Risk Management: Observations from Industry--NISTIR 8276

February 11, 2021
https://csrc.nist.gov/news/2021/nistir-8276-key-practices-in-c-scrm

NIST announces the publication of NISTIR 8276, Key Practices in Cyber Supply Chain Risk Management: Observations from Industry.

Updates

Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation and Timing Services--NISTIR 8323

February 11, 2021
https://csrc.nist.gov/news/2021/nistir-8323-foundational-pnt-profile

NIST publishes NISTIR 8323, "Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services," in response to Executive Order 13905 of Feb. 12, 2020.

Publications IR 8323 (Final) (Withdrawn)

Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services

February 11, 2021

https://csrc.nist.gov/pubs/ir/8323/final

Abstract: The national and economic security of the United States (US) is dependent upon the reliable functioning of the nation’s critical infrastructure. Positioning, Navigation, and Timing (PNT) services are widely deployed throughout this infrastructure. In a government wide effort to mitigate the potentia...

Publications IR 8276 (Final)

Key Practices in Cyber Supply Chain Risk Management: Observations from Industry

February 11, 2021
https://csrc.nist.gov/pubs/ir/8276/final

Abstract: In today’s highly connected, interdependent world, all organizations rely on others for critical products and services. However, the reality of globalization, while providing many benefits, has resulted in a world where organizations no longer fully control—and often do not have full visibility into...

Project Pages

Reference Sources

https://csrc.nist.gov/projects/measurements-for-information-security/reference-sources

These are reference sources for frameworks, algorithms validation, software assurance, testing, and other measurements related to information security. Automated Combinatorial Testing for Software Combinatorial or t-way testing is a proven method for more effective software testing at lower cost. The research toolkit can make sure that there are no simultaneous input combinations that might inadvertently cause a dangerous error. Cryptographic Algorithm Validation Program (CAVP) The NIST Cryptographic Algorithm Validation Program provides validation testing of Approved (i.e.,...

Updates

5G Cybersecurity: Preliminary Draft of NIST Cybersecurity Practice Guide SP 1800-33A

February 1, 2021
https://csrc.nist.gov/news/2021/preliminary-draft-of-sp-1800-33a-5g-cybersecurity

A preliminary draft of SP 1800-33A, "5G Cybersecurity," is available for comment through March 4, 2021.

<< first   < previous   11     12     13     14     15     16     17     18     19     20     21     22     23     24     25     26     27     28     29     30     31     32     33     34     35  next >  last >>