International Engagement – Brussels and Beyond

International engagement is an integral part of many ongoing NIST efforts, including the Journey to the Cybersecurity Framework (CSF 2.0) update, our update to the digital identity guidelines, and increasing awareness of the NIST Privacy Framework and IoT cybersecurity work.

In the update to NIST CSF 2.0, NIST continues to work with the international community. At NIST’s February 2023 virtual workshop on the CSF 2.0 update, participants from Italian and New Zealand governments and Mexican industry spoke on panels. In addition, participants joined from several countries. We are continuing to learn and benefit from international use cases and look forward to hearing even more in the months to come as we release our full draft 2.0! 

We also continued our international engagement at the RSA Conference in April. NIST leveraged the international audience that attends RSAC and met with various international partners to discuss the CSF update along with other NIST cybersecurity and privacy resources. NIST also delivered a presentation at the conference that focused on the CSF 2.0 update, which included information on international uptake. We expressed the importance and value of international engagement during this update process and highlighted how government and industry across the world have participated in the update. We also mentioned the draft discussion core was hot off the press and out for public comment during RSAC.

One recent international engagement was a visit from a team of NIST representatives to Brussels, Belgium in March of this year. As part of this trip, NIST’s subject matter experts presented on NIST IoT cybersecurity guidance and the CSF 2.0 update at the European Union (EU) Cyber Act Conference. While in Brussels, NIST also participated in a series of meetings and roundtables to share information and foster dialogue and opportunities for collaboration on key resources. NIST briefed interagency colleagues at the U.S. Embassy, as well as our colleagues at the European Union on our cybersecurity and privacy efforts. These efforts were facilitated by the State Department and International Trade Administration (ITA) within the Department of Commerce as well as industry organizations - we are grateful to them for all their assistance in making the trip a success! 

Another critical aspect of this trip was NIST’s participation in meetings for the U.S, EU Trade and Technology Council (TTC). A big focus of these discussions was digital identity. NIST has been leading conversations and efforts within a subgroup of TTC Working Group 1—the working group focused on Technology Standards. In Brussels, NIST presented the planned content and an outline of the fourth revision to Special Publication (SP) 800-63, Digital Identity Guidelines. We also received audience feedback during a public Roundtable Workshop hosted by the NIST-led Digital Identity Subgroup. Other topics for TTC meetings and stakeholder events throughout the week included levels of assurance and international standards. 

On the margins of these events, NIST also met with digital identity team representatives from the United Kingdom to discuss respective work in this area and opportunities for continued collaboration. This topic will continue to be an important focus area for NIST and our international engagement moving forward. NIST also had discussions with the European Commission on several topics and heard from their partners about policy issues within Europe and the lessons learned from the implementation of the Network Information Security (NIS) 2 Directive. This feedback will be valuable as NIST navigates the CSF 2.0 update. The Cyber Resilience Act was also raised in several meetings and NIST shared information on the approach taken with Executive Order 14028 and IoT cybersecurity and cybersecurity supply chain risk management guidance. NIST has already had several follow-up conversations with the European Commission on the CRA and IoT cybersecurity and will continue to identify areas for collaboration as a follow-up to this trip.

Back at home, NIST has continued to welcome visitors to the NIST campus and the National Cybersecurity Center of Excellence, including representatives from government and industry from India, France, Norway, Cote d’Ivoire, and Canada. NIST also met with delegations sponsored by the State Department’s International Visitor Leadership Program (IVLP), including groups with representatives from Uzbekistan, Vietnam, and countries across Europe. These conversations always provide a unique opportunity to learn from our international partners and share the work we are doing with industry across a variety of areas, including cybersecurity, 5G security, post quantum cryptography, digital identity, artificial intelligence (AI), and many other topics. NIST has also collaborated with the State Department on participation in various international dialogues, including the US-Japan Cybersecurity Dialogue and US-Switzerland Dialogue to discuss the CSF 2.0 update, IoT cybersecurity guidance, and other resources. 

Stay tuned for more international engagement updates in the coming weeks, including NIST’s participation in Israel Cyber Week and other events! Additional international resources continue to be posted on the International Cybersecurity and Privacy Resources page, including the recently released Special Publication (SP) 1271, Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide in Ukrainian. If you are aware of additional translations and resources to share, please reach out to us!

For questions or to discuss opportunities for international engagement, reach out to us at intl-cyber-privacy [at] nist.gov (intl-cyber-privacy[at]nist[dot]gov).