Standard News › NIST

NIST Publication Update News

Entries feed - Comments feed

Monday, November 26 2018

NIST DRAFT- (SP) 1800-19 Volume B, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments

NIST has released a preliminary draft of NIST Special Publication (SP) 1800-19 Volume B, Trusted Cloud: Security Practice Guide for VMWare Hybrid Cloud Infrastructure as a Service (IaaS) Environments (Approach, Architecture, and Security Characteristics). This preliminary draft is stable but has some gaps in its content that will be addressed in the next draft. [A draft of Volume A, Executive Summary, was released in August 2018.] The initial comment period for Volume B will close on January 11, 2019.

Continue reading...

Friday, November 9 2018

DRAFT- NIST Internal Report (NISTIR) 8219: “Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection”

This publication provides an example on how manufacturing companies can improve security of it's Industrial Control Systems (ICS) through behavioral anomaly detection mechanisms that may be tied to a cyber attack. It includes incorporates standards, commercially available technologies and industry best practices.

The public comment period is open until December 6, 2018. See the links within for instructions on submitting comments.

Continue reading...

Thursday, October 4 2018

NISTIR 8202: Blockchain Technology Overview- FINAL

A technical publication that examines the history, scope, and characteristics of this emerging technology which has enabled the development of numerous cryptocurrency systems.

Continue reading...

Wednesday, October 3 2018

NIST SP 800-37 Rev.2: RMF for Information Systems and Organizations- FINAL DRAFT Open for Comments

This publication provides guidelines for applying the Risk Management Framework (RMF) to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information system categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.

Continue reading...