Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Updates on NIST’s Interagency International Cybersecurity Standardization Working Group

Last November, I was pleased to chair the most recent meeting of the Interagency International Cybersecurity Standardization Working Group (IICSWG) – a group NIST created in 2016. Our charge, from the Cybersecurity Enhancement Act of 2014, was to build a coordination mechanism for government agencies to discuss international cybersecurity standardization issues, consistent with agencies’ responsibilities under OMB Circular A-119. Since then, IICSWG has grown as a forum to discuss cybersecurity and privacy standardization topics, examine the overall cybersecurity standardization landscape (NISTIR 8074 Vol. 1 - Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity), and provide a deep dive into IoT cybersecurity standards (NISTIR 8200 - Interagency Report on the Status of International Cybersecurity Standardization for the Internet of Things (IoT)).

A lot has changed since IICSWG was first created. Within NIST, our cybersecurity and privacy experts have been busy developing new and updated guidance across the cybersecurity domain – from frameworks like the NIST Cybersecurity Framework 2.0 and Privacy Framework 1.1 to guidance on zero trust and secure IoT implementations – and integrating that guidance into international standards. The National Cybersecurity Strategy Implementation Plan called upon NIST to reconvene with IICSWG to assist the United States Government (USG) in making progress on cybersecurity standardization. In addition, the White House’s United States Government National Standards Strategy for Critical and Emerging Technology (CET) highlights the importance of cybersecurity and privacy standardization and the critical role that the USG plays.

Today, IICSWG has cybersecurity and privacy representatives from more than 16 departments and agencies lending their expertise. The group met most recently in November 2023 and will hit the ground running in CY2024, now with a refreshed charter and updated focus areas. Our next meeting will take place on March 19, 2024 from 10:00-11:30AM EST. Membership is open to government employees. You may reach out to IICSWG [at] (IICSWG[at]nist[dot]gov) if you are interested in joining.

NIST is looking forward to a productive year ahead for IICSWG. While the IICSWG serves as a forum for Federal Departments and agencies, our charge includes consultation with private sector stakeholders. We welcome feedback from the diverse set of organizations that participate and contribute to international standards. Please email IICSWG [at] (IICSWG[at]nist[dot]gov) with your thoughts and feedback.

About the author

Lisa Carnahan

Lisa J. Carnahan, computer scientist, recently retired as the Associate Director for IT Standardization in the Information Technology Laboratory at the National Institute of Standards and Technology (ITL/NIST) and has rejoined the Office she created.  The Office develops programmatic strategies for standards engagement, understanding potential standards opportunities in emerging technologies, and promoting the benefits of standards adoption in the federal government and industry.  She convenes the US Interagency International Cybersecurity Standardization Working Group. 

Previously she served as the lead for conformity assessment research and guidance activities in the Standards Coordination Office at NIST, where she co-authored updates to NIST’s key documents for understanding and applying conformity assessment concepts in the federal government.  

Related posts


Add new comment

Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.