News & Updates

The National Cybersecurity Center of Excellence (NCCoE) has released the initial public draft of NIST SP 1800-34, Validating the Integrity of Computing Devices. Comments are due July 25, 2022.

The Zero Trust Architecture (ZTA) team at NIST's National Cybersecurity Center of Excellence (NCCoE) has published volume A of a preliminary draft practice guide titled "Implementing a Zero Trust Architecture". The deadline...

The National Cybersecurity Center of Excellence (NCCoE) announces the release of NIST Internal Report (NISTIR) 8320, Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use...

The National Cybersecurity Center of Excellence has two final publications (NIST SP 1800-19, NIST IR 8320B) and an initial public draft (NIST IR 8320C) on trusted cloud and hardware-enabled security.

NIST has released final IoT-specific guidance (NIST Special Publications 800-213 and 800-213A) to federal organizations to support extending their risk management process to the inclusion of IoT devices in federal systems.

The National Cybersecurity Center of Excellence (NCCoE) has released three new draft reports on hardware-enabled security and trusted cloud for public comment.

The NCCoE has released a preliminary draft of NIST Special Publication (SP) 1800-34 Volume B, and the comment period is open through September 29, 2021.

NIST has published NISTIR 8259B, "IoT Non-Technical Supporting Capability Core Baseline," to complement the technical abilities defined in NISTIR 8259A, "Core Device Cybersecurity Capability Baseline."

NIST has posted three draft revisions of SP 800-140C/D/F, specifying CMVP Validation Authority updates to ISO/IEC 24759, for public comment. The comment period closes September 20, 2021.

NIST's National Cybersecurity Center of Excellence (NCCoE) has finalized NISTIR 8320A, "Hardware-Enabled Security: Container Platform Security Prototype."

NIST's National Cybersecurity Center of Excellence (NCCoE) has released Draft NISTIR 8320, "Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases." The public...

NIST Seeks Comments on a draft white paper, “Establishing Confidence in IoT Device Security: How do we get there?” The comment period is open through June 14, 2021.

Draft NISTIR 8356, "Considerations for Digital Twin Technology and Emerging Standards," is now available for public comment through June 16, 2021.

Four draft guidance documents on defining IoT cybersecurity requirements--for federal agencies and IoT device manufacturers--are now available for comment through February 26, 2021:  Draft SP 800-213 and Draft NISTIRs...

The National Cybersecurity Center of Excellence (NCCoE) at NIST has released Draft NISTIR 8320A, "Hardware-Enabled Security: Container Platform Security Prototype." The public comment period closes January 29, 2021.

NIST has released the final public draft of NIST Cybersecurity Practice Guide SP 1800-15, "Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage...

A draft white paper, "Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management," is available for comment through October 8, 2020.

NIST Technical Note (TN) 2066, "OpenFMB Proof of Concept Implementation Research," describes recent cybersecurity research related to the Smart Grid.

A draft NIST Cybersecurity White Paper is available for comment: "Hardware-Enabled Security for Server Platforms." The public comment period is open through June 2, 2020.

NIST has released a Draft NIST Cybersecurity White Paper on "Methodology for Characterizing Network Behavior of Internet of Things Devices." The public comment period ends May 1, 2020.

NIST has published Cybersecurity Practice Guide Special Publication (SP) 1800-17, "Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers"

FIPS 140-3, "Security Requirements for Cryptographic Modules," was approved on March 22, 2019 and announced in the Federal Register on May 1, 2019. FIPS 140-3 supersedes FIPS 140-2.

[9/18/18--TEMPORARILY WITHDRAWN. TO BE RE-POSTED AT A LATER DATE] Draft NISTIR 8222 identifies 17 technical trust-related issues that may negatively impact the adoption of IoT products and services.

According to a recent independent analysis, e-commerce fraud increased by 30 percent in 2017, compared to.....

NIST Releases the Second Draft of Special Publication 800-125A, Security Recommendations for Hypervisor Deployment, for public comment.