News & Updates

NIST has published Cybersecurity White Paper (CSWP) 52, "Firmware-Based Monitoring for Bus-Based Computer Systems," introducing a low-cost, innovative approach to enhancing hardware security visibility.

NIST has released a new public draft of Small Business Cybersecurity: Non-Employer Firms. The public comment period is open through May 14, 2026.

NIST releases the initial public draft of SP 800-230, Additional SLH-DSA Parameter Sets for Limited Signature Use Cases. The comment period closes on June 12, 2026.

The final release of NIST Special Publication 1308, "NIST CSF 2.0: Cybersecurity, Enterprise Risk Management, and Workforce Management QSG," is now available. Also, NIST requests public comments on SP 1347, "CSF 2.0 Informative References Quick-Start Guide." The public comment period ends 

NIST Publishes SP 800-81r3: Secure Domain Name System (DNS) Deployment Guide final version

"Applying 5G Cybersecurity and Privacy Capabilities" white paper series helps consumers and operators of 5G networks securely adopt this technology as the development, deployment, and usage of 5G simultaneously evolves.

The NCCoE has released an initial public draft of NIST Special Publication (SP) 1800-42A, "Digital Identities - Mobile Driver’s License (mDL): Accelerating Development and Adoption of Digital Identity for Financial Institutions." The public comment period is open through May 8, 2026.

This guide demonstrates how organizations can discover, identify and label unstructured data using data classification practices. The public comment period is open through March 30, 2026.

NIST has published the final version of Interagency Report (IR) 8446, which compares Germany’s BSI AIS 20/31 and NIST’s SP 800-90 series.

The NIST National Cybersecurity Center of Excellence (NCCoE) has released a draft of NIST Interagency Report (IR) 8576, Transit Cybersecurity Framework (CSF) Community Profile, which is available for public comment through February 23, 2026.

NIST has initiated the process of revising NIST SP 800-82, Guide to Operational Technology (OT) Security, to incorporate lessons learned, align with relevant NIST guidance and OT cybersecurity standards and practices, and address changes in the OT threat landscape.

NIST has published Internal Report (IR) 8214C, NIST First Call for Multi-Party Threshold Schemes.

After receiving public comments in response to its July 2025 proposal, NIST has decided to update SP 800-56Ar3 and revise SP 800-56Cr2.

The initial public draft of NIST IR 8587, "Protecting Tokens and Assertions from Forgery, Theft, and Misuse: Implementation Recommendations for Agencies and Cloud Service Providers," is now available for public comment through January 30, 2026.

The final version of Cybersecurity White Paper (CSWP) 39, Considerations for Achieving Crypto Agility: Strategies and Practices, has been published on December 19, 2025.

NIST revises three publications on Integrating Cybersecurity and Enterprise Risk Management: NIST IR 8286r1, 8286Ar1, and 8286Cr1.

NIST has released the initial public draft of Special Publication (SP) 800-218r1 (Revision 1), Secure Software Development Framework (SSDF) Version 1.2: Recommendations for Mitigating the Risk of Software Vulnerabilities, per Executive Order 14306.

The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Cybersecurity White Paper (CSWP) 34, Mitigating Cybersecurity and Privacy Risks in Telehealth Smart Home Integration.

The Cyber AI Profile (NIST Community Profile) is available for comment through January 30th. Also, save the date for NCCoE's hybrid workshop on January 14, 2026 to discuss NIST IR 8596 iprd and updates on SP 800-53 COSAiS.

NIST Releases Two Updated Security Content Automation Protocol (SCAP)  Publications for Comment

NIST Special Publication (SP) 800-70r5 ipd (Revision 5, initial public draft), National Checklist Program for IT Products – Guidelines for Checklist Users and Developers, is now available for public comment through January 16, 2026, at 11:59 PM (EST).

The initial public draft of NIST SP 800-57 Part 1 Revision 6, "Recommendation for Key Management: Part 1– General," is available for public comment through February 5, 2026.

The initial public draft of NIST Cybersecurity White Paper (CSWP) 53, Charting the Course for NIST OSCAL, is available for public comment. The public comment period is open through January 13, 2026.

The NCCoE is releasing three publications to help secure IoT devices and their networks: Cybersecurity White Paper 42, Internal Report 8350, and Special Publication 1800-36.

A second public draft of NIST SP 1308, NIST CSF 2.0: Cybersecurity, Enterprise Risk Management, and Workforce Management Quick-Start Guide, is available for public comment through January 7, 2026.