10 Must-Read NIST Publications

1. NIST Special Publication 800-12 Revision 1
   An Introduction to Information Security
2. NIST Special Publication 800-39
   Managing Information Security Risk – Organization, Mission, and Information System View
3. NIST Special Publication 800-30 Revision 1
   Guide for Conducting Risk Assessments
4. NIST Special Publication 800-37 Revision 2
   Risk Management Framework for Information Systems and Organizations – A System Life Cycle Approach for Security and Privacy
5. NIST Special Publication 800-53 Revision 4
   Security and Privacy Controls for Federal Information Systems and Organizations
6. NIST Special Publication 800-160 VOLUME 1
   Systems Security Engineering – Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems
7. NIST Special Publication 800-88 Revision 1
   Guidelines for Media Sanitization
8. NIST Special Publication 800-41 Revision 1
   Guidelines on Firewalls and Firewall Policy
9. NIST Special Publication 800-61 Revision 2
   Computer Security Incident Handling Guide
10. NIST Special Publication 800-115
    Technical Guide to Information Security Testing and Assessment

Recommended

1. NIST Special Publication 800-100
   Information Security Handbook: A Guide for Managers
2. NIST Special Publication 800-34 Rev. 1
   Contingency Planning Guide for Federal Information Systems
3. NIST Special Publication 800-50
   Building an Information Technology Security Awareness and Training Program
4. NIST Special Publication 800-70 Revision 4
   National Checklist Program for IT Products – Guidelines for Checklist Users and Developers
5. NIST Special Publication 800-86
   Guide to Integrating Forensic Techniques into Incident Response
6. NIST Special Publication 800-92
   Guide to Computer Security Log Management
7. NIST Special Publication 800-94
   Guide to Intrusion Detection and Prevention Systems (IDPS)
8. NIST Special Publication 800-128
   Guide for Security-Focused Configuration Management of Information Systems
9. NIST Special Publication 800-150
   Guide to Cyber Threat Information Sharing
10. NIST Special Publication 800-153
    Guidelines for Securing Wireless Local Area Networks (WLANs)
11. NIST Special Publication 800-32
    Introduction to Public Key Technology and the Federal PKI Infrastructure