Search Publications

NIST Authors in Bold

Displaying 1 - 25 of 1305

SCAP Composer User Guide

May 16, 2022
Author(s)
Joshua Lubell
SCAP Composer is a software application from the National Institute of Standards and Technology (NIST) for creating Security Content Automation Protocol (SCAP – pronounced "ess-cap") source data stream collections. A source data stream collection is a

Improving Enterprise Patching for General IT Systems: Utilizing Existing Tools and Performing Processes in Better Ways

April 6, 2022
Author(s)
Murugiah Souppaya, Alper Kerman, Karen Scarfone, Kevin Stine, Brian E. Johnson, Chris Peloquin, Vanessa Ruffin, Tyler Diamond, Mark Simos, Sean Sweeney
Despite widespread recognition that patching is effective and attackers regularly exploit unpatched software, many organizations do not adequately patch. There are myriad reasons why, not the least of which are that it's resource-intensive and that the act

Assessing Enhanced Security Requirements for Controlled Unclassified Information

March 15, 2022
Author(s)
Ronald S. Ross, Victoria Yan Pillitteri, Kelley L. Dempsey
The protection of Controlled Unclassified Information (CUI) in nonfederal systems and organizations is important to federal agencies and can directly impact the ability of the Federal Government to successfully carry out its assigned missions and business

Ransomware Risk Management: A Cybersecurity Framework Profile

February 23, 2022
Author(s)
Bill Fisher, Murugiah Souppaya, William C. Barker, Karen Scarfone
Ransomware is a type of malicious attack where attackers encrypt an organization's data and demand payment to restore access. In some instances, attackers may also steal an organization's information and demand an additional payment in return for not

Securing Telehealth Remote Patient Monitoring Ecosystem

February 22, 2022
Author(s)
Jennifer Cawthra, Nakia R. Grayson, Ronald Pulivarti, Bronwyn J. Hodges, Jason Kuruvilla, Kevin Littlefield, Julie Snyder, Sue Shuqiu Wang, Ryan Williams, Kangmin Zheng
Increasingly, healthcare delivery organizations (HDOs) are relying on telehealth and remote patient monitoring (RPM) capabilities to treat patients at home. RPM is convenient and cost-effective, and its adoption rate has increased. However, without

Prioritizing Cybersecurity Risk for Enterprise Risk Management

February 10, 2022
Author(s)
Stephen Quinn, Matthew Barrett, Greg Witte, Robert Gardner, Nahla Ivy
This document is the second in a series that supplements NIST Interagency/Internal Report (NISTIR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM). This series provides additional detail regarding the enterprise application of

Personal Identity Verification (PIV) of Federal Employees and Contractors

January 24, 2022
Author(s)
Hildegard Ferraiolo, Andrew Regenscheid, Salvatore Francomacaro, David A. Cooper, Ketan Mehta, Annie W. Sokol, David Temoshok, Gregory Fiumara, Justin Richer, James L. Fenton, Johnathan Gloster, Nabil Anwer
FIPS 201 establishes a standard for a Personal Identity Verification (PIV) system (Standard) that meets the control and security objectives of Homeland Security Presidential Directive-12 (HSPD-12). It is based on secure and reliable forms of identity

IoT Device Cybersecurity Guidance for the Federal Government: Establishing IoT Device Cybersecurity Requirements

November 29, 2021
Author(s)
Michael Fagan, Katerina N. Megas, Jeffrey Marron, Kevin Gerard Brady, Barbara Bell Cuthill, Rebecca Herold, David Lemire, Noel Hoehn
Organizations will increasingly use Internet of Things (IoT) devices for the mission benefits they can offer, but care must be taken in the acquisition and implementation of IoT devices. This publication contains background and recommendations to help