-
Demonstrates how operators and users of 5G networks can mitigate 5G cybersecurity risks and meet industry sectors’ compliance requirements
Preparing Draft
-
Controlling who can obtain access to information and resources with a cohesive and secure identity and access management system
Archived
-
Addresses challenges to compliance, operations, and security with modern encrypted protocols, and TLS 1.3 in particular
Finalized
-
Informing future standards and best practices for assessing and managing the security of machine learning components
Finalized
-
Methods for managing, monitoring, and baselining IT and OT assets to reduce the risk of cybersecurity incidents
Finalized
-
The NCCoE is working on cyber assurance for autonomous vehicles by developing a public dataset and a testbed with difficult-to-handle and adversarial road/traffic conditions with the goal of improving autonomous vehicles and accelerating their safe deploy
Preparing Draft
-
Examines how commercial and open source tools can be used to aid with the most challenging aspects of patching general IT systems
Finalized
-
Practical cybersecurity guidelines for small-scale solar inverter implementations typically used in homes and small businesses.
Finalized
-
Providing users with a national-level risk-based approach for managing cybersecurity activities for EV XFC systems.
Finalized
-
A unified approach to identify and prioritize opportunities for managing cybersecurity risks in the liquefied natural gas lifecycle.
Finalized
-
Identifying methods to efficiently detect, respond, and recover from data confidentiality attacks
Finalized
-
Exploring methods to effectively identify and protect assets against data confidentiality attacks
Finalized
-
Detailing methods and potential tool sets that can detect, mitigate, and contain data integrity events
Finalized
-
Exploring methods to effectively identify and protect assets against data integrity attacks
Finalized
-
Demonstrates how to effectively recover from a data corruption event in various Information Technology (IT) enterprise environments
Finalized
-
Dioptra is a software test platform for assessing the trustworthy characteristics of AI models.
Preparing Draft
-
Illustrates how healthcare providers securely document, maintain, and exchange electronic patient records among mobile devices
Finalized
-
Hybrid Satellite Networks or HSN provides flexible use of commercial satellites that can host non-commercial payloads.
Finalized
-
A single, centralized IdAM solution to control and secure access to utility resources, including OT and IT systems, buildings, and equipment
Finalized
-
Demonstrating examples of zero trust architectures designed and deployed according to the concepts and tenets documented in NIST SP 800-207, Zero Trust Architecture
Finalized
-
Demonstrates how to use device characterization techniques to describe the communication requirements of IoT devices
Finalized
-
Demonstrates the feasibility of securely migrating common enterprise network environments to IPv6-only deployments.
Archived
-
Making software changes and network breaches more easily identifiable
Finalized
-
Identifies and mitigates cybersecurity and privacy risks based on patient use of smart home devices interfacing with patient information systems
Finalized
-
NIST SP 1800-13 describes how public safety organizations can implement single sign-on functions for public safety personnel, use identity federation to authenticate personnel across organization boundaries, and enable MFA with a high level of assurance.
Finalized
-
Provides a clear and repeatable security and privacy-enhanced reference example solution architecture for organizations that allow personally owned mobile devices to access their organizational data
Finalized
-
Provides clear and repeatable security and privacy-enhanced reference example solution architectures for organizations using either cloud or a hybrid combination of both enterprise and cloud based services for their mobile device deployment architectures
Finalized
-
Clear and repeatable reference mobile architecture in which strong data confidentiality is implemented using certified technologies.
Finalized
-
Reducing the risk of false online identification and authentication fraud for e-commerce transactions using multifactor authentication tied to web analytics and contextual risk calculation
Finalized
-
NIST’s Privacy-Enhancing Technologies Testbed is a resource for evaluating these capabilities, featuring real-world use cases, model solutions, and rigorous metrics for utility and privacy.
Preparing Draft
-
Implementing stronger controls for privileged account security to enable organizations to enforce access policies
Archived
-
Demonstrated practice example solutions that manufacturers can use to protect their ICS from data integrity attacks and documented in NIST SP 1800-10, Protecting Information and System Integrity in Industrial Control System Environments
Finalized
-
Use this CSF 2.0 Community Profile to focus cybersecurity efforts on the outcomes that strengthen ransomware prevention, response, recovery, and resilience.
Finalized
-
An approach for securing data exchanges between and among distributed energy resource systems and electric power distribution facilities
Finalized
-
Demonstrates using the Manufacturer Usage Description (MUD) standard to improve the security of home IoT devices
Finalized
-
Demonstrated examples of behavioral anomaly detection and prevention mechanisms according to the concepts and tenets documented in NISTIR 8219 Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection
Finalized
-
Finalized
-
Demonstrates how hospitality organizations can use a standards-based approach with commercially available technologies to meet their security needs for protecting property management systems
Finalized
-
Ensuring that the infrastructure supporting remote patient monitoring capabilities can maintain the confidentiality of patient data
Finalized
-
Helping healthcare delivery organizations secure wireless infusion pumps (WIP) on an enterprise network
Finalized
-
An approach that manufacturers can follow to implement security segmentation and mitigate cyber vulnerabilities in their manufacturing environments.
Finalized
-
Mechanisms to capture, transmit, analyze, and store real-time and near-real-time data from both IT and OT networks and systems
Finalized
-
Demonstrates how organizations can verify that the internal components of their purchased computing devices are genuine and have not been altered during the manufacturing and distribution processes
Finalized
-
Proposes a solution that efficiently and effectively provisions and manages TLS server certificates during normal operations and disaster recovery in a typical enterprise environment
Finalized
-
An approach to determine the physical location of cloud computing servers to monitor and control workloads, anticipate and mitigate risks, and reduce the likelihood that unauthorized parties will obtain data
Finalized
-
Demonstrates approaches for securely onboarding IoT devices with network credentials
Finalized
