NIST Updates Cybersecurity Guidance for PNT Services Amid GPS Disruption Risks
Severity: Low (Score: 24.9)
Sources: Industrialcyber.Co, csrc.nist.gov
Summary
On May 11, 2026, NIST released a draft revision of NISTIR 8323 Rev. 2, enhancing guidance for managing risks related to Positioning, Navigation, and Timing (PNT) services, particularly GPS. This update aligns with the NIST Cybersecurity Framework 2.0 and aims to help organizations protect systems that depend on PNT services, including GPS and Network Time Protocol servers. The revised profile includes practical guidance for identifying PNT-dependent systems, safeguarding user equipment, detecting anomalies, and improving response capabilities during disruptions. NIST is soliciting feedback from industry stakeholders until July 6, 2026, to ensure the guidance addresses real-world applications and emerging risks, including those posed by AI and supply chain dependencies. The profile emphasizes the importance of executive-level oversight in managing cybersecurity risks associated with PNT services. It is designed to support organizations in enhancing operational resilience against potential disruptions. Key Points: • NIST released draft NISTIR 8323 Rev. 2 to update PNT cybersecurity guidance. • The guidance aligns with NIST Cybersecurity Framework 2.0 and addresses GPS disruption risks. • NIST seeks industry feedback on the draft until July 6, 2026, to refine the guidance.