Delivering the law into software
Feed Jurisdiction: India Status: Received presidential assent on 11th August 2023. History and What It’s About The Digital Personal Data Protection Bill, 2023 was introduced in the Lok Sabha (Indian Parliament) as Bill No. 113 of 2023. The Bill aims to regulate the processing of digital personal data while balancing the right to privacy of individuals with the necessity of processing personal data for … Read more
Jurisdiction: European Union / Economic Area Status: Adopted. European countries have until 17 October 2024 to impose through national law. History and what it’s about The NIS2 Directive (Directive (EU) 2022/2555) was adopted on December 14, 2022, as a revision to the original NIS Directive (Directive on Security of Network and Information Systems) that was … Read more
Jurisdiction: European Union / Economic Area Status: Adopted. European countries have until 28 June 2025 to impose through national law. History and what it’s about The European Accessibility Act (EAA) was adopted on April 17, 2019, and is intended to enhance the accessibility of products and services for persons with disabilities across the European Union … Read more
Jurisdiction: European Union / Economic Area Status: Adopted and Enforceable History and what it’s about The General Data Protection Regulation (GDPR) was adopted on April 27, 2016. It became enforceable on May 25, 2018. The GDPR’s purpose is to protect the fundamental rights of individuals in the European Union (EU), and specifically their personal data … Read more
Over the past few months, NIST has been revising and updating Foundational Activities for IoT Product Manufacturers (NIST IR 8259 Revision 1 Initial Public Draft), which describes recommended pre-market and post-market activities for manufacturers to develop products that meet their customers’ cybersecurity needs and expectations. Thank you so much for the thoughtful comments and feedback … Read more
Today is the day! Digital Identity Guidelines, Revision 4 is finally here…it’s been an exciting journey and NIST is honored to be a part of it. What can we expect? Serving as a culmination of a nearly four-year collaborative process that included foundational research, two public drafts, and about 6,000 individual comments from the public, … Read more
Thank you to everyone who participated in the Cyber AI Profile Workshop NIST hosted this past April! This work intends to support the cybersecurity and AI communities — and the input you provided during this workshop is critical. We are working to publish a Workshop Summary that captures themes and highlights from the event. In … Read more
A lot has changed in America’s cybersecurity workforce development ecosystem since 2016: employment in cybersecurity occupations has grown by more than 300,000 [1]; the number of information security degrees awarded annually has more than tripled to nearly 35,000 [2]; and a wide array of new technologies and risks have emerged. Five regional cybersecurity workforce partnerships … Read more
The NICE Workforce Framework for Cybersecurity ( NICE Framework) was revised in November 2020 as NIST Special Publication 800-181 rev.1 to enable more effective and rapid updates to the NICE Framework Components, including how the advent of emerging technologies would impact cybersecurity work. NICE has been actively engaging in conversations with: federal departments and agencies; … Read more
What is NIST up to? On April 3, 2025, NIST hosted a Cybersecurity and AI Profile Workshop at our National Cybersecurity Center of Excellence (NCCoE) to hear feedback on our concept paper which presented opportunities to create profiles of the NIST Cybersecurity Framework (CSF) and the NIST AI Risk Management Framework (AI RMF). These would … Read more