|
04/25/2025
|
SP |
1308 |
Comments Due: 04/25/2025
This document shows how the Workforce Framework for Cybersecurity (NICE Framework) and the Cybersecurity Framework (CSF) 2.0 can be used together to address cybersecurity risk. It is the newest of the CSF 2.0 Quick Start Guides (QSG) released since February 26, 2024; these resources provide...
|
|
04/25/2025
|
IR |
8323 Rev. 2 |
Comments Due: 04/25/2025
The NIST National Cybersecurity Center of Excellence (NCCoE) is proposing to update the NIST Internal Report (IR) 8323 Foundational Position, Navigation, and Timing (PNT) Profile: Applying the Cybersecurity Framework (CSF) for Responsible Use of PNT Services (Revision 1) to reflect the NIST...
|
|
04/30/2025
|
IR |
8214C |
Comments Due: 04/30/2025
This is a second public draft. Threshold schemes should NOT be submitted until the final version of this report is published. However, the present draft can be used as a baseline to prepare for future submissions. The scope of the call is organized into categories related to signing (Sign),...
|
|
04/30/2025
|
CSWP |
39 |
Comments Due: 04/30/2025
Advances in computing capabilities, cryptographic research, and cryptanalytic techniques periodically create the need to replace algorithms that no longer provide adequate security for their use cases. For example, the threats posed by future cryptographically-relevant quantum computers (CRQCs) to...
|
|
05/12/2025
|
SP |
800-228 |
Comments Due: 05/12/2025
Modern enterprise IT systems rely on a family of application programming interfaces (APIs) for integration to support organizational business processes. Hence, a secure development and deployment of APIs is critical for overall enterprise security. This, in turn, requires the identification of risk...
|
|
05/26/2025
|
SP |
800-81 Rev. 3 |
Comments Due: 05/26/2025
The Domain Name System (DNS) plays an integral role in every organization’s security posture by translating domain names into IP addresses. It can serve as an enforcement point for enterprise security policy and an indicator of potential malicious activity on a network. A disruption or attack...
|
|
05/29/2025
|
CSWP |
42 |
Comments Due: 05/29/2025
IoT device network-layer onboarding is an automated mechanism for securely provisioning network credentials to devices, thereby enhancing network security and management. IoT devices can measure energy consumption, detect component faults, monitor water quality, measure toxins, and detect...
|
|
05/30/2025
|
IR |
8546 |
Comments Due: 05/30/2025
This draft CSF 2.0 Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cybersecurity risk to semiconductor manufacturing. The semiconductor manufacturing environment is a complex ecosystem of device makers, equipment OEMs, suppliers and solution...
|
|
06/13/2025
|
CSWP |
40 |
Comments Due: 06/13/2025
The NIST Privacy Framework is a “living” tool meant to evolve to meet stakeholder needs, and the time has come to update to Version 1.1. This update builds on the success of Privacy Framework 1.0 by responding to current privacy risk management needs, realigning with NIST Cybersecurity Framework...
|
|
06/25/2025
|
SP |
800-197 |
Comments Due: 06/25/2025
The Advanced Encryption Standard (AES) specifies a subset of the Rijndael block cipher family with 128-bit blocks that was submitted to the NIST AES development effort. While this block size remains sufficient for many applications, the increasing demand for processing large volumes of data...
|
