An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
NIST invites comments on Draft Special Publication (SP) 800-207, Zero Trust Architecture, which discusses the core logical components that make up a zero trust
The National Cybersecurity Center of Excellence (NCCoE) has released Draft NIST Special Publication (SP) 1800-24, Securing Picture Archiving and Communication
NIST seeks comments on the Preliminary Draft of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (“Preliminary Draft”
NIST would like to announce the 32 candidates that will be moving on to the 2nd round of the NIST LWC Standardization Process. The second-round candidates of
Given the nature of interconnected networks and the use of the internet to share information, the protection of sensitive data can become difficult if proper
Microservices architecture is increasingly being used to design, develop, and deploy large-scale application systems in both cloud-based and enterprise
The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST Cybersecurity Practice Guide SP 1800-7, Situational Awareness
As manufacturers create an incredible and ever-growing variety of Internet of Things (IoT) devices, they should also understand the cybersecurity risks
As retailers in the United States have adopted chip-and-signature and chip-and-PIN (personal identification number) point-of-sale security measures, there have
Cryptography relies upon two basic components—an algorithm and a cryptographic key—to protect data in an information technology security environment. Such data
The National Cybersecurity Center of Excellence (NCCoE) has released Draft NIST Special Publication (SP) 1800-21, Mobile Device Security: Corporate-Owned
This NIST Cybersecurity Practice Guide— Draft SP 1800-16, Securing Web Transactions: Transport Layer Security (TLS) Server Certificate Management—shows large
Traditional identity management has typically involved the storing of user credentials (e.g., passwords) by organizations and third parties, which often results
Network and data security are essential in today's environment of increasingly open and interconnected systems, networks, and mobile devices. Critical security
Internet Protocol Security (IPsec) is a network layer security control used to protect communications over public networks, encrypt IP traffic between hosts
It is difficult to overstate the importance of the internet to modern business and to society in general. The internet is essential to the exchange of all
Summary
The National Cybersecurity Center of Excellence (NCCoE) is announcing the release of two new data confidentiality draft project descriptions. We are
NIST is pleased to announce the first official release of the Open Security Controls Assessment Language ( OSCAL), Version 1.0.0 - Milestone 1. The release
Summary
NIST is seeking comments on Draft NIST Special Publication (SP) 800-171 Revision 2, Protecting Controlled Unclassified Information in Nonfederal
Attribute-based access control systems rely upon enterprise-specific attributes to both define access control policy rules and enforce the access control
The National Cybersecurity Center of Excellence (NCCoE) has posted two draft Project Descriptions for public comment:
Detecting and Protecting Against Data
NIST is releasing a Draft NIST Cybersecurity White Paper for public comment, Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software
NIST is releasing a Draft NIST Cybersecurity White Paper for public comment, Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software