Security news aggregator

Latest coverage for NIST

NIST publishes cybersecurity standards and guidance that organizations use to assess risk, strengthen controls, and improve resilience.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

NIST is the U.S. National Institute of Standards and Technology, a Commerce Department agency that develops technical standards, measurements, and cybersecurity guidance. Practitioners use the Cybersecurity Framework (CSF) to organize security outcomes, the SP 800 series for controls and practices, and the Risk Management Framework (RMF) to assess and authorize information systems. NIST guidance is generally voluntary for private organizations; particular standards can become mandatory for federal systems through law, regulation, or contract.

NIST gives security teams a common vocabulary for assessing gaps, selecting safeguards, and documenting risk decisions across the security lifecycle. Its publications address areas including authentication, incident handling, privacy, secure software development, and supply-chain risk. NIST’s National Vulnerability Database supports vulnerability management, but its entries and severity scores require validation against an organization’s assets, exposure, and exploitability. News under this tag may concern a draft, revision, or federal requirement, so practitioners should check the document’s version and applicability before treating guidance as a required control.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view

PLUS: Russian bug-buyers seeks Telegram flaws; Another WordPress security mess; NIST backlog grows; and more! Infosec In Brief Organized crime networks are now reliant on digital tech for most of their activities according to Europol, the European agency that fights international crime on the continent and beyond.…

Nicely ahead of that always-a-decade-away moment when all our info becomes an open book The National Institute of Standards and Technology (NIST) today released the long-awaited post-quantum encryption standards, designed to protect electronic information long into the future – when quantum computers are expected to break existing cryptographic algorithms.…

Security world reacts as NIST does a lot less of oft criticized, 'almost always thankless' work Opinion The United States National Institute of Standards and Technology (NIST) has almost completely stopped adding analysis to Common Vulnerabilities and Exposures (CVEs) listed in the National Vulnerability Database. That means big headaches for anyone using CVEs to maintain their security. …

NIST weighs up algorithms for small devices – and an architecture for massive systems The US National Institute of Standards and Technology wants to protect all devices great and small, and is getting closer to settling on next-gen cryptographic algorithms suitable for systems at both ends of that spectrum – the very great and the very small.…

NIST's nifty new algorithm looks like it's in trouble One of the four encryption algorithms the US National Institute of Standards and Technology (NIST) recommended as likely to resist decryption by quantum computers has has holes kicked in it by researchers using a single core of an Intel Xeon CPU, released in 2013.…