NIST

NIST unveils new leadership team to drive semiconductor innovation

The agency’s CHIPS Research and Development Office aims to advance U.S. research and development efforts and "ensure America’s global leadership" in the semiconductor sector, officials said. 

  • By Chris Riotta

NIST updates cyber guidance for contractors handling sensitive data

The National Institute of Standards and Technology is accepting comments on the revised document through July 14. 

  • By Alexandra Kelley

IOT cyber rule covering federal buyers about to take effect

A December deadline looms for agencies to implement cybersecurity requirements for Internet of Things devices.

  • By Chris Riotta

NIST on tap to improve cybersecurity of water systems

The National Institute of Standards and Technology (NIST) hopes a new project will create a set of best practices to help the nation’s complex water and wastewater systems bolster their cybersecurity posture.

  • By Chris Riotta

White House preps security controls for commercial software acquisition

The administration is attempting to leverage the procurement powers of the federal government to bolster software cybersecurity for the first time.

  • By Chris Riotta

Are software bills of materials ready for prime time?

There's legislation afoot to require SBOMs in government procurement and industry is pushing back.

  • By Chris Riotta

NIST promotes testbed to address threats targeting ML systems

Dioptra, an experimentation testbed fielded by the National Institute of Standards and Technology, allows researchers to better understand the techniques that can help protect their products and systems against an increasing number of attacks targeting machine learning algorithms.

  • By Chris Riotta

NIST identifies 4 quantum-resistant encryption algorithms

Federal researchers are one step closer to protecting U.S. data from quantum computing decryption capabilities.

  • By Alexandra Kelley

NIST defines 'critical software' under the cyber EO

The National Institute of Standards and Technology's new definition of "critical software" is foundational to new federal efforts to exert more control over the code supply chain.

  • By Chris Riotta

NIST framework focuses on election cybersecurity

The new draft framework combining election security and cybersecurity is the first of its kind for NIST.

  • By Justin Katz

What cyber risks will Biden's supply chain EO uncover?

The administration has ordered a wide-ranging assessment of the risks to manufacturing and technology supply chains. Analysts, former government officials and industry say a large workforce gap and problematic frameworks are among the threats cybersecurity poses to the country's supply chains.

  • By Justin Katz

Under new law, NIST looks to map out vulnerability disclosure policies for government

Lawmakers in December tasked NIST with to developing processes that would ensure software vulnerability reports flow to the appropriate government offices and the issues are promptly fixed.

  • By Justin Katz

NIST offers tools to defend against nation state cyber threats

The National Institute of Standards and Technology cites a 2018 hack of a Navy contractor as inspiration for a new publication on cyber defense, but security analysts say the tools are just as relevant to SolarWinds Orion.

  • By Justin Katz

IoT cyber law signed amid growing vulnerabilities

The passage of the IoT Cybersecurity Improvement Act of 2020 means that NIST will start to address the gap in post-market guidance to help organizations adequately address newly discovered vulnerabilities in devices already on their networks.

  • By Yejin Jang
Featured eBooks

Senate passes IoT cybersecurity bill

The legislation mandates minimum security requirements on internet of things devices bought by the federal government.

  • By Justin Katz

House votes for new rules on federal IOT acquisition

Legislation from congressional tech stalwarts would add security requirements for connected devices purchased by the federal government.

  • By Mark Rockwell

House bill aims to strengthen digital ID

Legislation proposed in the House would tap the National Institute of Standards and Technology and the Department of Homeland Security in new effort to help set national digital identifier capabilities.

  • By Mark Rockwell

How zero trust solves the 'weakest link' problem

Many government agencies currently have components of zero trust already in their infrastructure, including identity credential and access management and continuous monitoring, so moving to a comprehensive zero trust model would just strengthen what is already there.

  • By Gus Hunt

Staying ahead of threats on government networks

Why securing data and managing cyber risk must now become critical elements in agency ERM frameworks.

  • By Dan Chenok

CMMC training registration opens, but implementation worries persist

The first cadre of DOD cybersecurity assessors is expected to graduate by early August, but concerns loom over Cybersecurity Maturity Model Certification.

  • By Lauren C. Williams

Data exchange and cybersecurity

Ensuring different software systems can easily communicate and exchange data is as much about people and process as it is technology.

  • By Derek B. Johnson