Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search CSRC

Use this form to search content on CSRC pages.

For a phrase search, use " "


Limit results to content tagged with of the following topics:
Showing 601 through 625 of 1222 matching records.
Updates

Cybersecurity Profile for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services: Draft NISTIR 8323 Available for Comment

October 22, 2020
https://csrc.nist.gov/news/2020/draft-cybersecurity-profile-for-pnt-services

In response to Executive Order 13905, NIST is releasing Draft NISTIR 8323, "Cybersecurity Profile for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services." The public comment period closes November 23, 2020; all relevant comment received will be posted publicly.

Publications Project Description (Final)

Implementing a Zero Trust Architecture

October 21, 2020
https://csrc.nist.gov/pubs/pd/2020/10/21/implementing-a-zero-trust-architecture/final

Abstract: The proliferation of cloud computing, mobile device use, and the Internet of Things has dissolved conventional network boundaries. The workforce is more distributed, with remote workers who need access to resources anytime, anywhere, and on any device, to support the mission. Enterprises must evolve...

Updates

Integrating Cybersecurity and Enterprise Risk Management (ERM): NISTIR 8286

October 13, 2020
https://csrc.nist.gov/news/2020/integrating-cybersecurity-and-enterprise-risk-mgmt

NISTIR 8286, "Integrating Cybersecurity and Enterprise Risk Management (ERM)," is now available.

Publications IR 8286 (Final)

Integrating Cybersecurity and Enterprise Risk Management (ERM)

October 13, 2020
https://csrc.nist.gov/pubs/ir/8286/final

Abstract: The increasing frequency, creativity, and severity of cybersecurity attacks means that all enterprises should ensure that cybersecurity risk is receiving appropriate attention within their enterprise risk management (ERM) programs. This document is intended to help individual organizations within an...

Events

Considerations in Migrating to PQC Algorithms

October 7, 2020 - October 7, 2020
https://csrc.nist.gov/events/2020/considerations-in-migrating-to-pqc-algorithms

(Updated: Friday, September 18, 2020): This workshop was rescheduled from August 24 to Wednesday, October 7. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop on Wednesday, October 7, 2020. The purpose of the workshop is to discuss the challenges and investigate the practical and implementable approaches to ease the migration from the current set of public key cryptographic algorithms to replacement algorithms that are resistant to quantum computer based attacks. This effort complements the NIST post-quantum cryptography (PQC)...

Updates

Cybersecurity Framework Version 1.1 Manufacturing Profile: NISTIR 8183 Revision 1

October 7, 2020
https://csrc.nist.gov/news/2020/cybersecurity-framework-v1-1-manufacturing-profile

NIST has published NISTIR 8183 Revision 1, "Cybersecurity Framework Version 1.1 Manufacturing Profile."

Publications IR 8183 Rev. 1 (Final)

Cybersecurity Framework Version 1.1 Manufacturing Profile

October 7, 2020
https://csrc.nist.gov/pubs/ir/8183/r1/final

Abstract: This document provides the Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The “Manufacturing Profile” of the CSF can be used as a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals a...

Events

Workshop on the Automation of the NIST CMVP

October 5, 2020 - October 5, 2020
https://csrc.nist.gov/events/2020/workshop-on-the-automation-of-the-nist-cmvp

(Updated: Friday, September 18, 2020): This workshop was rescheduled from September 1 to Monday, October 5. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop on theAutomation of the NIST Cryptographic Module Validation Program (CMVP) on Monday, October 5, 2020. The number of cryptographic module validations has outstripped the available human resources for timely validation processing. This phenomenon is affecting all stakeholders participating in the CMVP (vendors, labs, and validators alike). The purpose of the workshop is to...

Updates

Securing Data Integrity Against Ransomware Attacks: Draft Paper Available for Comment

October 1, 2020
https://csrc.nist.gov/news/2020/securing-data-integrity-vs-ransomware-draft-paper

NIST's NCCoE has posted a draft paper, "Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides. The public comment period is open through November 13, 2020.

Publications CSWP 17 (Initial Public Draft)

Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides

October 1, 2020
https://csrc.nist.gov/pubs/cswp/17/securing-data-integrity-against-ransomware-attacks/ipd

Abstract: The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) is actively engaged in helping organizations address the challenge of ransomware and other data integrity events through the Data Integrity projects. These projects help organizations...

Publications Journal Article (Final)

Security Awareness Training for the Workforce: Moving Beyond "Check-the-Box" Compliance

October 1, 2020
https://csrc.nist.gov/pubs/journal/2020/10/moving-beyond-checkthebox-compliance/final

Journal: Computer (IEEE Computer) Abstract: Security awareness training requirements set a minimum baseline for introducing security practices to an organization's workforce. But is simple compliance enough to result in behavior change?

Updates

Blockchain Networks: Token Design and Management Overview – Draft NISTIR 8301 Available for Comment

September 29, 2020
https://csrc.nist.gov/news/2020/draft-nistir-8301-on-blockchain-networks

Draft NISTIR 8301, "Blockchain Networks: Token Design and Management Overview," is now available for comment through October 30, 2020.

Events

Challenges with Encrypted Protocols

September 25, 2020 - September 25, 2020
https://csrc.nist.gov/events/2020/challenges-with-encrypted-protocols

(Updated: Friday, September 18, 2020): This workshop was rescheduled from August 13 to Friday, September 25. Workshop Objectives The National Institute of Standards and Technology (NIST) will host a virtual workshop to discuss compliance, operations, and security challenges with modern encrypted protocols on Friday, September 25, 2020. Deployment of these protocols, in particular TLS 1.3, can impact some organizations ability to meet their regulatory, security, and operational requirements. The workshop will investigate the practical and implementable approaches to help those industries...

Updates

Performance Measurement Guide for Information Security: Pre-Draft Call for Comments

September 24, 2020
https://csrc.nist.gov/news/2020/performance-measurement-guide-for-info-security

NIST has posted a call for comments on "Performance Measurement Guide for Information Security" (SP 800-55 Rev. 1), with a comment period open through December 10, 2020. A new "Measurements for Information Security" project is also available.

Updates

Security and Privacy Controls for Information Systems and Organizations: NIST Publishes SP 800-53, Revision 5

September 23, 2020
https://csrc.nist.gov/news/2020/sp-800-53-revision-5-published

NIST Special Publication (SP) 800-53 Revision 5, "Security and Privacy Controls for Information Systems and Organizations," represents a multi-year effort to develop the next generation of controls needed to strengthen and support the Federal Government and critical infrastructure sectors.

Publications SP 800-53 Rev. 5 (Final) (Withdrawn)

Security and Privacy Controls for Information Systems and Organizations

September 23, 2020

https://csrc.nist.gov/pubs/sp/800/53/r5/final

Abstract: This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural d...

Updates

Data Integrity: Recovering from Ransomware and Other Destructive Events--NIST Publishes SP 1800-11

September 22, 2020
https://csrc.nist.gov/news/2020/sp-1800-11-data-integrity-ransomware-recovery

NIST has published Special Publication (SP) 1800-11, "Data Integrity: Recovering from Ransomware and Other Destructive Events."

Publications SP 1800-11 (Final)

Data Integrity: Recovering from Ransomware and Other Destructive Events

September 22, 2020
https://csrc.nist.gov/pubs/sp/1800/11/final

Abstract: Businesses face a near-constant threat of destructive malware, ransomware, malicious insider activities, and even honest mistakes that can alter or destroy critical data. These data corruption events could cause a significant loss to a company’s reputation, business operations, and bottom line. The...

Updates

Securing Home IoT Devices Using MUD: Final Public Draft of SP 1800-15 Now Available

September 16, 2020
https://csrc.nist.gov/news/2020/final-public-draft-of-sp-1800-15-now-available

NIST has released the final public draft of NIST Cybersecurity Practice Guide SP 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD)." The comment period closes October 16, 2020.

Updates

Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)--NIST Publishes SP 1800-21

September 15, 2020
https://csrc.nist.gov/news/2020/mobile-device-security-cope-sp-1800-21

The NIST Cybersecurity Practice Guide on "Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)" has been published as SP 1800-21.

Publications SP 1800-21 (Final)

Mobile Device Security: Corporate-Owned Personally-Enabled (COPE)

September 15, 2020
https://csrc.nist.gov/pubs/sp/1800/21/final

Abstract: Mobile devices provide access to vital workplace resources while giving employees the flexibility to perform their daily activities. Securing these devices is essential to the continuity of business operations. While mobile devices can increase efficiency and productivity, they can also leave sensi...

Updates

Securing Property Management Systems: Draft SP 1800-27 Available for Comment

September 14, 2020
https://csrc.nist.gov/news/2020/draft-sp-securing-property-management-systems

The National Cybersecurity Center of Excellence has released Draft NIST Cybersecurity Practice Guide (SP 1800-27), "Securing Property Management Systems," for public comment. The comment period closes on October 28, 2020.

Updates

Improving Enterprise Patching for General IT Systems: Preliminary Draft of SP 1800-31A Available for Comment

September 10, 2020
https://csrc.nist.gov/news/2020/improving-enterprise-patching-for-general-it-sys

A preliminary draft of Volume A of SP 1800-31A, "Improving Enterprise Patching for General IT Systems," is available for comment through October 9, 2020.

Updates

Draft White Paper: Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management

September 8, 2020
https://csrc.nist.gov/news/2020/trusted-iot-device-onboarding-and-lcm

A draft white paper, "Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management," is available for comment through October 8, 2020.

<< first   < previous   13     14     15     16     17     18     19     20     21     22     23     24     25     26     27     28     29     30     31     32     33     34     35     36     37  next >  last >>