
Top 20 NIST Standards


NIST, or the National Institute of Standards and Technology, is a federal agency within the United States Department of Commerce. Founded in 1901, NIST was originally known as the National Bureau of Standards and received its current name in 1988.


NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve quality of life. It provides industry, academia, government, and other users with over 1,300 Standard Reference Materials®.


One of the most well-known aspects of NIST is its role in cybersecurity. It develops and issues standards, guidelines, and other publications to assist in managing cost-effective programs to protect information and information systems of federal agencies.

NIST's work is implemented in various sectors and is often used as a baseline or reference in many areas of technology, industry, and science. It provides critical resources to a broad array of industries, from information technology and cybersecurity to atomic physics, biotechnology, and healthcare informatics.


Here are 20 recent standards and special publications from NIST (National Institute of Standards and Technology).


NIST SP 800-53 (Rev. 5): Security and Privacy Controls for Information Systems and Organizations

This document provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations.


NIST SP 800-171 (Rev. 2): Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

Provides requirements for protecting the confidentiality of Controlled Unclassified Information (CUI).


NIST SP 800-63-3: Digital Identity Guidelines

Provides technical requirements for federal agencies implementing digital identity services.


NIST SP 800-37 (Rev. 2): Risk Management Framework for Information Systems and Organizations

This publication provides guidelines for applying the Risk Management Framework to federal information systems, including conducting the activities of security categorization.


NIST SP 800-82 (Rev. 2): Guide to Industrial Control Systems (ICS) Security

Provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations.


NIST SP 800-61 (Rev. 2): Computer Security Incident Handling Guide

Recommends procedures for incident handling, particularly for analyzing incident-related data and determining the appropriate response to each incident.


NIST SP 800-39: Managing Information Security Risk

This publication provides guidelines for managing risk to organizational operations, organizational assets, individuals, and other organizations resulting from the operation of an information system.


NIST SP 800-30 (Rev. 1): Guide for Conducting Risk Assessments

This guide provides guidelines for conducting risk assessments of federal information systems and organizations, amplifying the guidance in SP 800-39.


NIST SP 800-34 (Rev. 1): Contingency Planning Guide for Federal Information Systems

Provides instructions, recommendations, and considerations for government IT contingency planning.


NIST SP 800-57: Recommendation for Key Management

This publication provides cryptographic key management guidance. It consists of three parts. Part 1 provides general guidance and best practices for the management of cryptographic keying material.


NIST SP 800-88 (Rev. 1): Guidelines for Media Sanitization

This publication assists organizations in implementing a media sanitization program with proper and applicable management controls.


NIST SP 800-35: Guide to Information Technology Security Services

Provides assistance to organizations in the planning, acquisition, and implementation of information security services.


NIST SP 800-41 (Rev. 1): Guidelines on Firewalls and Firewall Policy

Provides recommendations on developing firewall policies and explains the technical features of firewalls and various types of firewall technologies.


NIST SP 800-94: Guide to Intrusion Detection and Prevention Systems (IDPS)

Provides recommendations for intrusion detection system (IDS) and intrusion prevention system (IPS) product selection, implementation, configuration, securing, monitoring, and maintenance.


NIST SP 800-92: Guide to Computer Security Log Management

Provides recommendations for log management, including how to collect, analyze, and store logs.


NIST SP 800-77: Guide to IPsec VPNs

Provides recommendations for organizations considering IPsec VPN solutions for secure network connections.


NIST SP 800-70 (Rev. 4): National Checklist Program for IT Products – Guidelines for Checklist Users and Developers

Provides guidelines for the development, maintenance, and use of checklists to help organizations establish a more secure IT environment.


NIST SP 800-12 (Rev. 1): An Introduction to Information Security

A guide for IT professionals new to information security, covering the foundation of the field and its basic principles.


NIST SP 800-55 (Rev. 1): Performance Measurement Guide for Information Security

Provides guidance on how to develop, select and implement measures to be used in verifying the effectiveness of information security controls.


NIST SP 800-58: Security Considerations for Voice Over IP Systems

Provides an analysis of security considerations for VoIP systems, including detailed insight into the risks VoIP poses to an organization's information and recommendations for mitigating those risks.


