| CARVIEW |
Select Language
HTTP/2 301
date: Sun, 05 Oct 2025 11:50:19 GMT
content-type: text/html; charset=utf-8
cf-ray: 989cb3617ed38fc2-ORD
cache-control: private
location: /publications/cswp
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=faGaP8WJEBQOpLd0Q6H93afBahMsTnrgKbUMOtv9Mso-1759665019-1.0.1.1-p7XCZbJ5rCvOl6RtyzRUdNCiBio22pRppk58L6tIAoX4weeXqr.uIOzh7Q7tXogh3xllA3fcMonbUhSyENlbw3toBwlee3DTJRll2TE5F0Y; path=/; expires=Sun, 05-Oct-25 12:20:19 GMT; domain=.nist.gov; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=I4ojqvxZaPsIv6jTe2QWhRVweNNq1CqPfhZ.md2Nib8-1759665019233-0.0.1.1-604800000; path=/; domain=.nist.gov; HttpOnly; Secure; SameSite=None
server: cloudflare
HTTP/2 200
date: Sun, 05 Oct 2025 11:50:19 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: no-cache
pragma: no-cache
expires: -1
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 989cb3640d068fc2-ORD
Search | CSRC
October 1, 2025: Due to a lapse in federal funding, this website is not being updated. Learn more.
Public Drafts: Current list of all draft NIST cybersecurity documents--they are typically posted for public comment. "Current" public drafts are the latest draft versions that have not yet been published as "Final." FIPS: Current Federal Information Processing Standard Publications (FIPS). Includes current (Final and Draft) FIPS.
SP 800 Series: Current NIST Special Publication (SP) 800 series publications, which focus on Computer/Information Security. Includes current (Final and Draft) SP 800 pubs.
All SP Series: Current NIST Special Publications (SP), including SP 800 (Computer/Information Security) and SP 1800 (Cybersecurity Practice Guides) pubs. Also includes SP 500 (Computer Systems Technology) pubs related to cybersecurity and privacy. Includes current (Final and Draft) NIST Special Publications.
NISTIRs: Current list of NIST Interagency or Internal Reports (NISTIR) related to cybersecurity and privacy. Includes current (Final and Draft) NISTIRs.
ITL Bulletins: Current list of NIST Information Technology Laboratory (ITL) Bulletins. White Papers: Consists of NIST Cybersecurity White Papers; NCCoE Project Descriptions, Building Blocks and Use Cases; and other NIST-authored papers that are not part of a formal series. Includes current (Final and Draft) papers.
Journal Articles: NIST-authored articles published in external journals and in the NIST Journal of Research (JRES).
Conference Papers: NIST-authored conference papers related to cybersecurity and privacy.
Books: NIST-authored books, book sections, and encyclopedia entries related to cybersecurity and privacy.
Public Drafts: Current list of all draft NIST cybersecurity documents--they are typically posted for public comment. "Current" public drafts are the latest draft versions that have not yet been published as "Final." FIPS: Current Federal Information Processing Standard Publications (FIPS). Includes current (Final and Draft) FIPS.
SP 800 Series: Current NIST Special Publication (SP) 800 series publications, which focus on Computer/Information Security. Includes current (Final and Draft) SP 800 pubs.
All SP Series: Current NIST Special Publications (SP), including SP 800 (Computer/Information Security) and SP 1800 (Cybersecurity Practice Guides) pubs. Also includes SP 500 (Computer Systems Technology) pubs related to cybersecurity and privacy. Includes current (Final and Draft) NIST Special Publications.
NISTIRs: Current list of NIST Interagency or Internal Reports (NISTIR) related to cybersecurity and privacy. Includes current (Final and Draft) NISTIRs.
ITL Bulletins: Current list of NIST Information Technology Laboratory (ITL) Bulletins. White Papers: Consists of NIST Cybersecurity White Papers; NCCoE Project Descriptions, Building Blocks and Use Cases; and other NIST-authored papers that are not part of a formal series. Includes current (Final and Draft) papers.
Journal Articles: NIST-authored articles published in external journals and in the NIST Journal of Research (JRES).
Conference Papers: NIST-authored conference papers related to cybersecurity and privacy.
Books: NIST-authored books, book sections, and encyclopedia entries related to cybersecurity and privacy.
You are viewing this page in an unauthorized frame window.
This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Here’s how you know
Official websites use .gov
A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
Current Publications
-
NIST Series Pubs
- Final Pubs
- Drafts Open for Comment
- Drafts (all)
- View By Series
- Other Pubs
Public Drafts: Current list of all draft NIST cybersecurity documents--they are typically posted for public comment. "Current" public drafts are the latest draft versions that have not yet been published as "Final." FIPS: Current Federal Information Processing Standard Publications (FIPS). Includes current (Final and Draft) FIPS.
SP 800 Series: Current NIST Special Publication (SP) 800 series publications, which focus on Computer/Information Security. Includes current (Final and Draft) SP 800 pubs.
All SP Series: Current NIST Special Publications (SP), including SP 800 (Computer/Information Security) and SP 1800 (Cybersecurity Practice Guides) pubs. Also includes SP 500 (Computer Systems Technology) pubs related to cybersecurity and privacy. Includes current (Final and Draft) NIST Special Publications.
NISTIRs: Current list of NIST Interagency or Internal Reports (NISTIR) related to cybersecurity and privacy. Includes current (Final and Draft) NISTIRs.
ITL Bulletins: Current list of NIST Information Technology Laboratory (ITL) Bulletins. White Papers: Consists of NIST Cybersecurity White Papers; NCCoE Project Descriptions, Building Blocks and Use Cases; and other NIST-authored papers that are not part of a formal series. Includes current (Final and Draft) papers.
Journal Articles: NIST-authored articles published in external journals and in the NIST Journal of Research (JRES).
Conference Papers: NIST-authored conference papers related to cybersecurity and privacy.
Books: NIST-authored books, book sections, and encyclopedia entries related to cybersecurity and privacy.
Search Results
Showing 53 matching records.
| Series | Number | Title Publications | Status | Release Date |
|---|---|---|---|---|
| CSWP | 51 |
CSWP 51 (Initial Public Draft)
Developing a Transit Cybersecurity Framework Community Profile: Project Update
8/20/2025
Status: Draft |
Draft | 8/20/2025 |
| CSWP | 48 |
CSWP 48 (Initial Public Draft)
Mappings of Migration to PQC Project Capabilities to NIST Cybersecurity Framework 2.0 and to Security and Privacy Controls for Information Systems and Organizations
9/18/2025
Status: Draft |
Draft | 9/18/2025 |
| CSWP | 46 |
6/30/2025
Status: Final |
Final | 6/30/2025 |
| CSWP | 45 |
6/05/2025
Status: Final |
Final | 6/05/2025 |
| CSWP | 42 |
CSWP 42 (Initial Public Draft)
Towards Automating IoT Security: Implementing Trusted Network-Layer Onboarding
4/14/2025
Status: Draft |
Draft | 4/14/2025 |
| CSWP | 41 |
CSWP 41 (Final)
Likely Exploited Vulnerabilities: A Proposed Metric for Vulnerability Exploitation Probability
5/19/2025
Status: Final |
Final | 5/19/2025 |
| CSWP | 40 |
4/14/2025
Status: Draft |
Draft | 4/14/2025 |
| CSWP | 39 |
CSWP 39 (2nd Public Draft)
Considerations for Achieving Cryptographic Agility: Strategies and Practices
7/17/2025
Status: Draft |
Draft | 7/17/2025 |
| CSWP | 38 |
11/21/2024
Status: Draft |
Draft | 11/21/2024 |
| CSWP | 37B |
CSWP 37B (Initial Public Draft)
Automation of the NIST Cryptographic Module Validation Program: April 2025 Status Report
9/10/2025
Status: Draft |
Draft | 9/10/2025 |
| CSWP | 37 |
CSWP 37 (Initial Public Draft)
Automation of the NIST Cryptographic Module Validation Program: September 2024 Status Report
10/31/2024
Status: Draft |
Draft | 10/31/2024 |
| CSWP | 36E |
CSWP 36E (Initial Public Draft)
5G Network Security Design Principles: Applying 5G Cybersecurity and Privacy Capabilities
6/17/2025
Status: Draft |
Draft | 6/17/2025 |
| CSWP | 36D |
CSWP 36D (Initial Public Draft)
No SUPI-Based Paging: Applying 5G Cybersecurity and Privacy Capabilities
1/30/2025
Status: Draft |
Draft | 1/30/2025 |
| CSWP | 36C |
CSWP 36C (Initial Public Draft)
Reallocation of Temporary Identities: Applying 5G Cybersecurity and Privacy Capabilities
11/06/2024
Status: Draft |
Draft | 11/06/2024 |
| CSWP | 36B |
CSWP 36B (Initial Public Draft)
Using Hardware-Enabled Security to Ensure 5G System Platform Integrity: Applying 5G Cybersecurity and Privacy Capabilities
9/30/2024
Status: Draft |
Draft | 9/30/2024 |
| CSWP | 36A |
CSWP 36A (Initial Public Draft)
Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI): Applying 5G Cybersecurity and Privacy Capabilities
8/15/2024
Status: Draft |
Draft | 8/15/2024 |
| CSWP | 36 |
CSWP 36 (Initial Public Draft)
Applying 5G Cybersecurity and Privacy Capabilities: Introduction to the White Paper Series
8/15/2024
Status: Draft |
Draft | 8/15/2024 |
| CSWP | 35 |
CSWP 35 (Initial Public Draft)
Cybersecurity Threat Modeling the Genomic Data Sequencing Workflow: An example threat model implementation for genomic data sequencing and analysis
12/16/2024
Status: Draft |
Draft | 12/16/2024 |
| CSWP | 34 |
CSWP 34 (Initial Public Draft)
Mitigating Cybersecurity and Privacy Risks in Telehealth Smart Home Integration: Healthcare and Public Health Sector Risk Management Approaches
11/06/2024
Status: Draft |
Draft | 11/06/2024 |
| CSWP | 33 |
CSWP 33 (Initial Public Draft)
Product Development Cybersecurity Handbook: Concepts and Considerations for IoT Product Manufacturers
4/03/2024
Status: Draft |
Draft | 4/03/2024 |
| CSWP | 32 |
CSWP 32 (Initial Public Draft)
NIST Cybersecurity Framework 2.0: A Guide to Creating Community Profiles
2/26/2024
Status: Draft |
Draft | 2/26/2024 |
| CSWP | 31 |
9/26/2024
Status: Final |
Final | 9/26/2024 |
| CSWP | 30 |
12/06/2023
Status: Final |
Final | 12/06/2023 |
| CSWP | 29 |
2/26/2024
Status: Final |
Final | 2/26/2024 |
| CSWP | 28 |
4/06/2023
Status: Final |
Final | 4/06/2023 |
| CSWP | 26 |
6/13/2022
Status: Final |
Final | 6/13/2022 |
| CSWP | 25 |
5/20/2022
Status: Final |
Final | 5/20/2022 |
| CSWP | 24 |
CSWP 24 (Final)
Recommended Criteria for Cybersecurity Labeling for Consumer Internet of Things (IoT) Products
2/04/2022
Status: Final |
Final | 2/04/2022 |
| CSWP | 23 |
2/04/2022
Status: Final |
Final | 2/04/2022 |
| CSWP | 22 |
12/06/2021
Status: Draft |
Draft | 12/06/2021 |
| CSWP | 21 |
CSWP 21 (Final)
Benefits of an Updated Mapping between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards
9/29/2021
Status: Final |
Final | 9/29/2021 |
| CSWP | 20 |
5/06/2022
Status: Final |
Final | 5/06/2022 |
| CSWP | 19 |
6/22/2021
Status: Draft |
Draft | 6/22/2021 |
| CSWP | 18 |
5/14/2021
Status: Draft |
Draft | 5/14/2021 |
| CSWP | 17 |
CSWP 17 (Initial Public Draft)
Securing Data Integrity Against Ransomware Attacks: Using the NIST Cybersecurity Framework and NIST Cybersecurity Practice Guides
10/01/2020
Status: Draft |
Draft | 10/01/2020 |
| CSWP | 16 |
CSWP 16 (Initial Public Draft)
Trusted Internet of Things (IoT) Device Network-Layer Onboarding and Lifecycle Management
9/08/2020
Status: Draft |
Draft | 9/08/2020 |
| CSWP | 15 |
CSWP 15 (Final)
Getting Ready for Post-Quantum Cryptography: Exploring Challenges Associated with Adopting and Using Post-Quantum Cryptographic Algorithms
4/28/2021
Status: Final |
Final | 4/28/2021 |
| CSWP | 11F |
2/04/2020
Status: Final |
Final | 2/04/2020 |
| CSWP | 11E |
2/04/2020
Status: Final |
Final | 2/04/2020 |
| CSWP | 11D |
2/04/2020
Status: Final |
Final | 2/04/2020 |
| CSWP | 11C |
CSWP 11C (Final)
Case Studies in Cyber Supply Chain Risk Management: Anonymous Renewable Energy Company
2/04/2020
Status: Final |
Final | 2/04/2020 |
| CSWP | 11B |
CSWP 11B (Final)
Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Goods Company
2/04/2020
Status: Final |
Final | 2/04/2020 |
| CSWP | 11A |
CSWP 11A (Final)
Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Electronics Company
2/04/2020
Status: Final |
Final | 2/04/2020 |
| CSWP | 11 |
CSWP 11 (Final)
Case Studies in Cyber Supply Chain Risk Management: Summary of Findings and Recommendations
2/04/2020
Status: Final |
Final | 2/04/2020 |
| CSWP | 10 |
NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0
CSWP 10 (Final)
NIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0
1/16/2020
Status: Final |
Final | 1/16/2020 |
| CSWP | 9 |
CSWP 9 (Final)
A Taxonomic Approach to Understanding Emerging Blockchain Identity Management Systems
1/14/2020
Status: Final |
Final | 1/14/2020 |
| CSWP | 8 |
4/22/2019
Status: Final |
Final | 4/22/2019 |
| CSWP | 7 |
9/10/2018
Status: Final |
Final | 9/10/2018 |
| CSWP | 6 |
4/16/2018
Status: Final |
Final | 4/16/2018 |
| CSWP | 5 |
1/26/2018
Status: Final |
Final | 1/26/2018 |
| CSWP | 4 |
4/21/2016
Status: Final |
Final | 4/21/2016 |
| CSWP | 2 |
CSWP 2 (Final)
Summary of NIST SP 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations
2/19/2014
Status: Final |
Final | 2/19/2014 |
| CSWP | 1 |
2/12/2014
Status: Final |
Final | 2/12/2014 |
Current Publications
-
NIST Series Pubs
- Final Pubs
- Drafts Open for Comment
- Drafts (all)
- View By Series
- Other Pubs
Public Drafts: Current list of all draft NIST cybersecurity documents--they are typically posted for public comment. "Current" public drafts are the latest draft versions that have not yet been published as "Final." FIPS: Current Federal Information Processing Standard Publications (FIPS). Includes current (Final and Draft) FIPS.
SP 800 Series: Current NIST Special Publication (SP) 800 series publications, which focus on Computer/Information Security. Includes current (Final and Draft) SP 800 pubs.
All SP Series: Current NIST Special Publications (SP), including SP 800 (Computer/Information Security) and SP 1800 (Cybersecurity Practice Guides) pubs. Also includes SP 500 (Computer Systems Technology) pubs related to cybersecurity and privacy. Includes current (Final and Draft) NIST Special Publications.
NISTIRs: Current list of NIST Interagency or Internal Reports (NISTIR) related to cybersecurity and privacy. Includes current (Final and Draft) NISTIRs.
ITL Bulletins: Current list of NIST Information Technology Laboratory (ITL) Bulletins. White Papers: Consists of NIST Cybersecurity White Papers; NCCoE Project Descriptions, Building Blocks and Use Cases; and other NIST-authored papers that are not part of a formal series. Includes current (Final and Draft) papers.
Journal Articles: NIST-authored articles published in external journals and in the NIST Journal of Research (JRES).
Conference Papers: NIST-authored conference papers related to cybersecurity and privacy.
Books: NIST-authored books, book sections, and encyclopedia entries related to cybersecurity and privacy.