NIST announces that Draft Special Publication (SP) 800-156, Representation of PIV Chain-of-Trust for Import and Export, is now available for public comment. This document provides the data representation of a chain-of-trust...

NIST is pleased to announce the public comment release of Draft Special Publication 800-116 Revision 1, A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS). ...

NIST Released 2 Draft NISTIRs: (1) NISTIR 8060 and (2) NISTIR 8085 - see below for further details

note - this document was approved in late October (date shown on the cover of this document) - this is first time this NISTIR has been announced on CSRC website) NIST announces the final release of ...

NIST announces the final release of NIST Interagency Report (NISTIR) 7904, Trusted Geolocation in the Cloud: Proof of Concept Implementation. This report describes a proof of concept implementation ...

NIST releases a third Cybersecurity Framework Request for Information (RFI), Views on the Framework for Improving Critical Infrastructure Cybersecurity, requesting information* about...

NIST is seeking information on the “Framework for Improving Critical Infrastructure Cybersecurity” (the “Framework”).

Special Publication 800-70 Revision 3, National Checklist Program for IT Products--Guidelines for Checklist Users and Developers, has been released as final. It describes security configuration checklists and their benefits,...

NIST is accepting nominations of individuals to serve on eight Federal Advisory Committees, including the Information Security and Privacy Advisory Board (ISPAB)...

The National Institute of Standards and Technology (NIST) invites and requests nomination of individuals for appointment to eight existing Federal Advisory Committees

NIST announces the public comment release of NIST Special Publication 800-178, A Comparison of Attribute Based Access Control (ABAC) Standards for Data Services. Extensible Access Control Markup Language (XACML) ...

In cooperation with the Public Safety Communications Research (PSCR) Program, NIST announces the release of NIST Interagency Report (NISTIR) 8080, Usability and Security Considerations for Public Safety Mobile Authentication....

NIST announces the final release of Special Publication (SP) 800-167, Guide to Application Whitelisting. The purpose of this publication is to assist organizations in understanding the basics ...

SP 800-131A Rev. 1 provides guidance for transitions to the use of stronger cryptographic keys and more robust algorithms by Federal government agencies when protecting sensitive, but unclassified information.

The full announcement, links to the draft documnet, comment template, email to send comments to, and to learn more about Draft SP 1800-4, Mobile Device Security: Cloud & Hybrid Builds, ...

NIST is excited to announce the release of the latest NIST Cybersecurity Practice Guide, "IT Asset Management" for the Financial Services sector. The document is a draft, and comments are being accepted.

NIST announces the publication of Special Publication (SP) 800-152, A Profile for U. S. Federal Cryptographic Key Management Systems. This document contains requirements for the design, ...

NIST announces the final release of NIST Internal Report (NISTIR) 7966, Security of Interactive and Automated Access Management Using Secure Shell (SSH). The purpose of this document is to assist organizations...

NIST announces the release of NIST Inter agency Report (NISTIR) 7987 Revision 1, Policy Machine: Features, Architecture, and Specification. The ability to control access to sensitive data in accordance...

NIST requests comments on Federal Information Processing Standard (FIPS) 186-4, Digital Signature Standard, which has been in effect since July 2013. 

NIST requests comments on Federal Information Processing Standard (FIPS) 186-4, Digital Signature Standard, which has been in effect since July 2013. FIPS 186-4 specifies three techniques—RSA,...

This notice announces the withdrawal of six Federal Information Processing Standards (FIPS): FIPS 181, FIPS 185, FIPS 188, FIPS 190, FIPS 191 and FIPS 196.

NIST requests public comments on Draft NIST Cybersecurity Practice Guide 1800-3, Attribute Based Access Control. 

NIST announces the public comment release of NIST Special Publication 800-125B, Secure Virtual Network Configuration for Virtual Machine (VM) Protection. VMs constitute the primary resource to be protected in a virtualized...

NIST requests comments on Special Publication (SP) 800-177, Trustworthy Email. This draft is a complimentary guide to NIST SP 800-45 Guidelines on Electronic Mail Security and covers protocol security technologies to secure...

NIST requests comments on a draft of NIST Interagency Report (IR) 7511 Revision 4, Security Content Automation Protocol (SCAP) Version 1.2 Validation Program Test Requirements.

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, October 21, 2015 - Friday, October 23, 2015.  All sessions will be open to the public.

NIST requests comments on a revision of Special Publication (SP) 800-57, Part 1, Recommendation for Key Management, Part 1 (Rev. 4). This Recommendation provides general guidance and best practices for the management of...

NIST is pleased to announce the third public comment release of NIST Internal Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. 

NIST's National Cybersecurity Center of Excellence (NCCoE) has released a draft of the latest NIST Cybersecurity Practice Guide, Draft Special Publication (SP) 1800-2, Identity and Access Management for Electric Utilities. 

NIST announces the release of NIST Special Publication 800-176, 2014 Computer Security Division Annual Report. This annual report provides the important highlights and accomplishments of their work...

NIST requests comments on the design and development of Security Content Automation Protocol (SCAP) version 1.3. Please send suggestions for SCAP 1.3 by September 28, 2015. For more information, visit the CSRC SCAP web page....

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for the Attribute Based Access Control Building Block....

NIST invites organizations to provide products and technical expertise to support and demonstrate security platforms for the Derived PIV Credentials Building Block.

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for the Mobile Device Security Building Block.

NIST is seeking public comment on the potential use of certain ISO/IEC standards for cryptographic algorithm and cryptographic module testing, conformance, and validation activities, currently specified by FIPS 140-2.

NIST seeks public comments on Draft NIST Interagency Report (NISTIR) 8074, which comprises two volumes, "Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for...

This notice announces the Secretary of Commerce's approval of Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions

NIST is pleased to announce the release of Special Publication 800-79-2, Guidelines for the Authorization of Personal Identity Verification Card Issuers (PCI) and Derived PIV Credential Issuers (DPCI).

The use of mobile devices in health care sometimes outpaces the privacy and security protections on those devices. Stolen personal information can have negative financial impacts, ...

NIST is pleased to announce the second public comment release of NIST Internal Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. 

NIST is pleased to announce the publication of a report by the University of Maryland’s Supply Chain Management Center titled “Leveraging the Cyber Risk Portal as a Teaching & Education Tool”.

NIST is pleased to announce the publication of a report by the University of Maryland’s Supply Chain Management Center titled “Leveraging the Cyber Risk Portal as a Teaching & Education Tool”.

NIST announces the second public comment release of Interagency Report (IR) 7904, Trusted Geolocation in the Cloud: Proof of Concept Implementation. This report describes a proof of concept implementation that was designed by...

NIST announces the public comment release of Draft NIST Interagency Report (IR) 8055, Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research. 

NIST requests comments on Draft Special Publication (SP) 800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, which was originally published in January 2011....

NIST announces the completion of Revision 1 of NIST Special Publication (SP) 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators. 

NIST is pleased to announce the release of NIST Interagency Report 7863, Cardholder Authentication for the PIV Digital Signature Key. The document provides clarification for the requirement in FIPS 201-2 that a PIV cardholder...

Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations has been approved as final. The protection of Controlled Unclassified Information (CUI) while...

The National Institute of Standards and Technology (NIST) 8th NIST Cloud Computing Forum and Workshop will be held in Gaithersburg, Maryland on Tuesday, July 7, Wednesday, July 8, Thursday, July 9, and Friday July 10, 2015....

NIST announces the release of Special Publication 800-82, Revision 2, Guide to Industrial Control System (ICS) Security. Special Publication 800-82 provides guidance on how to improve the security in Industrial Control...

NIST announces that Draft Special Publication (SP) 800-85A-4, PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance), is now available for public comment. 

Two PIV Special Publications (SP) have been released: (1) SP 800-73-4, Interfaces for Personal Identity Verification, AND (2) SP 800-78-4, Cryptographic Algorithms and Key Sizes for Personal Identity Verification

NIST is pleased to announce the public comment release of NIST Internal Report (NISTIR) 8060, Guidelines for the Creation of Interoperable Software Identification (SWID) Tags. 

NIST requests comments on the draft report NISTIR 8062, Privacy Risk Management for Federal Information Systems, which describes a privacy risk management framework for federal information systems. 

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, June 10, 2015 - Friday, June 12, 2015. All sessions will be open to the public.

NIST announces the public comment release of Draft NIST Internal Report (NISTIR 8058), Security Content Automation Protocol (SCAP) Version 1.2 Content Style Guide: Best Practices for Creating and Maintaining SCAP 1.2...

NIST IR 8041, Proceedings of the Cybersecurity for Direct Digital Manufacturing (DDM) Symposium is now available. Direct Digital Manufacturing involves fabricating physical objects from a data file using

Federal agencies are concerned about the risks associated with information and communications technology (ICT) products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due...

NIST requests comments on SP 800-63-2, Electronic Authentication Guideline. This document describes the technical requirements necessary to meet the four Levels of Assurance that are specified in the OMB ...

NIST requests comments on an initial public draft report on NISTIR 8053, De-identification of Personally Identifiable Information. This document describes terminology, process and procedures for the removal ...

NIST announces the release of Special Publication 800-171, Protecting Controlled Unclassified Information in Non-federal Information Systems and Organizations (Final Public Draft). (NOTE: This draft has been since approved as...

In cooperation with the Public Safety Communications Research (PSCR) Program, NIST announces the release of NIST Interagency Report (NISTIR) 8014, Considerations for Identity Management in Public Safety Mobile Networks. 

Draft Special Publication 800-70 Revision 3, National Checklist Program for IT Products--Guidelines for Checklist Users and Developers, has been released for public comment. (NOTE: This draft document has been approved final:...

NIST announces the second public comment release of Draft NIST Interagency Report (IR) 7966, Security of Interactive and Automated Access Management Using Secure Shell (SSH). (NOTE: This Draft has been approved final Oct....

NIST announces the release of the NIST Interagency Report (NISTIR) 7823, Advanced Metering Infrastructure Smart Meter Upgradeability Test Framework. As electric utilities turn to Advanced Metering Infrastructures (AMIs) to...

NIST Internal Report (NISTIR) 8023, Risk Management for Replication Devicesis now available. A replication device (RD) is any device that reproduces (e.g., copies, prints, scans) documents, images, or objects from an...

NIST announces the final public draft release of Special Publication 800-82, Revision 2, Guide to Industrial Control System (ICS) Security. (Note: As of May 2015, this draft has been approved as final) Special Publication...

The National Institute of Standards and Technology (NIST) invites organizations to provide products and technical expertise to support and demonstrate security platforms for situational awareness for the energy sector.

NIST announces the release of an Errata Update for Special Publication 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations. This update contains new mapping tables for ISO/IEC...

The purpose of Special Publication 800-163, Vetting the Security of Mobile Applications, is to help organizations understand the process for vetting the security of mobile applications, ...

NIST requests comments on a Second Public Draft of NIST Interagency Report (NISTIR) 7977, Cryptographic Standards and Guidelines Development Process. This revised document describes the principles, processes and procedures...

NIST announces the release of NIST Interagency Report (NISTIR) 8018, Public Safety Mobile Application Security Requirements Workshop Summary. The purpose of this publication is to capture the findings of a half-day workshop...

Special Publication 800-57, Part 3, Revision 1, Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance, is intended primarily to help system administrators ...

The National Institute of Standards and Technology (NIST) proposes to withdraw six Federal Information Processing Standards from the FIPS series. The standards proposed for withdrawal are: FIPS 181, FIPS 185, FIPS 188, FIPS...

The Information Security and Privacy Advisory Board (ISPAB) will meet Wednesday, February 11, 2015 - Friday, February 13, 2015. All sessions will be open to the public.