-
Methods for managing, monitoring, and baselining IT and OT assets to reduce the risk of cybersecurity incidents
Finalized Guidance
-
Examines how commercial and open source tools can be used to aid with the most challenging aspects of patching general IT systems
Finalized Guidance
-
A unified approach to identify and prioritize opportunities for managing cybersecurity risks in the liquefied natural gas lifecycle.
Finalized Guidance
-
Identifying methods to efficiently detect, respond, and recover from data confidentiality attacks
Preparing Draft
-
Exploring methods to effectively identify and protect assets against data confidentiality attacks
Preparing Draft
-
Detailing methods and potential tool sets that can detect, mitigate, and contain data integrity events
Finalized Guidance
-
Exploring methods to effectively identify and protect assets against data integrity attacks
Finalized Guidance
-
Demonstrates how to effectively recover from a data corruption event in various Information Technology (IT) enterprise environments
Finalized Guidance
-
Digital Identity is becoming ubiquitous. To address that, we aim to define and facilitate reference architectures for digital identities that protects privacy, is implemented in a secure way, enables equity, is widely adoptable, and easy to use.
Seeking Collaborators
-
Illustrates how healthcare providers securely document, maintain, and exchange electronic patient records among mobile devices
Finalized Guidance
-
A single, centralized IdAM solution to control and secure access to utility resources, including OT and IT systems, buildings, and equipment
Finalized Guidance
-
Making software changes and network breaches more easily identifiable
Finalized Guidance
-
This project is implementing supply chain component traceability across industry blockchain enabled ecosystems of manufacturers and will inform supply chain visibility for critical infrastructures.
Defining Scope
-
Applies a socio-technical approach to testing, evaluation, verification, and validation of AI systems in context to tackle the complex problem of AI bias
Defining Scope
-
Identifies and mitigates cybersecurity and privacy risks based on patient use of smart home devices interfacing with patient information systems
Seeking Collaborators
-
NIST SP 1800-13 describes how public safety organizations can implement single sign-on functions for public safety personnel, use identity federation to authenticate personnel across organization boundaries, and enable MFA with a high level of assurance.
Finalized Guidance
-
Provides clear and repeatable security and privacy-enhanced reference example solution architectures for organizations using either cloud or a hybrid combination of both enterprise and cloud based services for their mobile device deployment architectures
Finalized Guidance
-
Clear and repeatable reference mobile architecture in which strong data confidentiality is implemented using certified technologies.
Finalized Guidance
-
Reducing the risk of false online identification and authentication fraud for e-commerce transactions using multifactor authentication tied to web analytics and contextual risk calculation
Finalized Guidance
-
Demonstrated practice example solutions that manufacturers can use to protect their ICS from data integrity attacks and documented in NIST SP 1800-10, Protecting Information and System Integrity in Industrial Control System Environments
Finalized Guidance
-
An approach for cybersecurity incident response and recovery in a manufacturing environment
Seeking Collaborators
-
An approach for securing data exchanges between and among distributed energy resource systems and electric power distribution facilities
Finalized Guidance
-
Demonstrates using the Manufacturer Usage Description (MUD) standard to improve the security of home IoT devices
Finalized Guidance
-
Demonstrated examples of behavioral anomaly detection and prevention mechanisms according to the concepts and tenets documented in NISTIR 8219 Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection
Finalized Guidance
-
Finalized Guidance
-
Demonstrates how hospitality organizations can use a standards-based approach with commercially available technologies to meet their security needs for protecting property management systems
Finalized Guidance
-
Ensuring that the infrastructure supporting remote patient monitoring capabilities can maintain the confidentiality of patient data
Finalized Guidance
-
Seeking Collaborators
-
Helping healthcare delivery organizations secure wireless infusion pumps (WIP) on an enterprise network
Finalized Guidance
-
An approach that manufacturers can follow to implement security segmentation and mitigate cyber vulnerabilities in their manufacturing environments.
Finalized Guidance
-
Mechanisms to capture, transmit, analyze, and store real-time and near-real-time data from both IT and OT networks and systems
Finalized Guidance
-
Demonstrating an applied risk-based approach and recommendations for secure DevOps and software supply chain practices
Seeking Collaborators
-
Demonstrates how organizations can verify that the internal components of their purchased computing devices are genuine and have not been altered during the manufacturing and distribution processes
Finalized Guidance
-
Proposes a solution that efficiently and effectively provisions and manages TLS server certificates during normal operations and disaster recovery in a typical enterprise environment
Finalized Guidance
-
An approach to determine the physical location of cloud computing servers to monitor and control workloads, anticipate and mitigate risks, and reduce the likelihood that unauthorized parties will obtain data
Finalized Guidance