News & Updates

The Final Public Draft Cybersecurity Framework Manufacturing Profile is now available for public comment.

The Information Security and Privacy Advisory Board (ISPAB) will meet March 29-31, 2017. All sessions will be open to the public.

On Thursday, February 23^rd, Google announced  that a team of researchers from the CWI Institute in Amsterdam and Google have successfully demonstrated an attack on the SHA-1 hash algorithm by creating two files that hash to the same value. 

NIST has launched a beta site for a new version of CSRC.nist.gov: https://beta.csrc.nist.gov.  It will be available alongside http://csrc.nist.gov for several months as we continue to fix issues, implement enhanced functionality, and migrate existing content. Your feedback is welcome!

NCCoE Released Draft Special Publication 1800-7, Situational Awareness for Electric Utilities for public comment.

NIST requests comments on a proposed update to the Framework for Critical Infrastructure Cybersecurity (the "Framework"). The proposed update to the Framework is available for review at http://www.nist.gov/​cyberframework.Comments are due April 10, 2017.

NIST solicits nominations for candidate algorithms to be considered for public-key post-quantum standards. Submission requirements and evaluation criteria are available at https://www.nist.gov/pqcrypto. Proposals must be received by November 30, 2017.

Special Publication 800-179 aims to assist IT professionals in securing Apple OS X 10.10 desktop and laptop systems within various environments. It provides detailed information about the security features of OS X 10.10...

NIST invites comments on Draft NIST SP 800-187, Guide to LTE Security. Cellular technology plays an increasingly large role in society as it has become the primary portal to the Internet for a large segment of the population. One of the main drivers making this change possible is the deployment ...

NIST announces the release of Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. ...

NIST released NISTIR 7621 Revision 1, Small Business Information Security: The Fundamentals. NIST developed this interagency report as a reference guideline about cybersecurity for small businesses...

NIST is pleased to release the draft NICE Cybersecurity Workforce Framework (NCWF) - a reference resource that will allow our nation to more effectively identify, recruit, develop and maintain its cybersecurity talent...

NIST announces the release of Draft Special Publication 800-121 Revision 2 Guide to Bluetooth Security. This draft is the second revision to NIST SP 800-121, Guide to Bluetooth Security. Updates in this revision include an introduction to and discussion ...

Special Publication 800-53 Revision 5 Status Update

Special Publication 800-178, A Comparison of ABAC Standards for Data Service Applications: XACML and NGAC and Special Publication 800-150, Guide to Cyber Threat Information Sharing ...

NIST invites comments on Draft NIST Interagency Report (NISTIR) 8151, Dramatically Reducing Software Vulnerabilities -- Report to the White House Office of Science and Technology Policy.

DRAFT NISTIR 8149, Developing Trust Frameworks to Support Identity Federations is now available for public comment - (click link above to go to the CSRC Draft Publications page to learn more about this draft & for links to the draft document). 

DRAFT NISTIR 8138, Vulnerability Description Ontology (VDO): a Framework for Characterizing Vulnerabilities; aims to describe a more effective and efficient methodology for characterizing vulnerabilities found in ...

The Information Security and Privacy Advisory Board (ISPAB) will meet October 26-28, 2016. All sessions will be open to the public.

NIST announces the release of the final draft of Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. 

Open Meeting of the Commission on Enhancing National Cybersecurity

NIST has released a draft of the Baldridge Cybersecurity Excellence Builder, a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts. 

The National Cybersecurity Center of Excellence (NCCoE) has posted a draft Project Description on the topic of Authentication for Law Enforcement Vehicle Systems. 

NIST released DRAFT NISTIR 8144, Assessing Threats to Mobile Devices & Infrastrucutre: the Mobile Threat Catalogue. The Mobile Threat Catalogue outlines a catalogue of threats to mobile devices and associated mobile infrastructure to support development and...

A draft manufacturing implementation of the Cybersecurity Framework ("Profile") has been developed to establish a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals and industry best practices.