NIST’s Cybersecurity and Privacy activities strengthen the security of the digital environment through a portfolio bridging foundational and applied cybersecurity research, and through the development of publicly available standards and technical guidance.
NIST’s sustained outreach efforts support the effective application of standards and best practices enabling the adoption of practical cybersecurity and privacy.
Through internal research and collaboration with the private sector, academia, standards development organizations, other government agencies and national and international stakeholders, NIST addresses the nation’s current and future measurement science needs and is responsive to Congressional mandates and Executive Orders.
NIST requests a total of $78.4 million to strengthen the security of the digital systems upon which the nation’s critical infrastructure is built. The FY 2019 request is a net decrease of $3.3 million from FY 2018 levels. The proposed reductions will allow NIST to focus on core cybersecurity activities and the work of its National Cybersecurity Center of Excellence.
FY 2018 Annualized CR: $81.6 M
Lab Programs: $78.5 M
Corporate Services: $2.0 M
SCO/SPO: $1.1 M
FY 2019 Request: $78.4 M (-4.0%)
Lab Programs: $76.6 M
Corporate Services: $1.7 M
SCO/SPO: $0 M
Illustrative program reductions in FY 2019
-$1.7M in associated cybersecurity R&D efforts looking at biometrics for commercial and government applications, as well as efforts to reduce bugs in software
The federal government, critical infrastructure sectors, and all Americans increasingly depend on cyberspace. At the same time, the threats posed by criminals, governments, hacktivists and terrorists are growing in frequency and impact. Emerging technologies such as quantum computing and artificial intelligence will only increase the complexity of this threat landscape. NIST’s foundational cybersecurity research and the transfer of that research to policy and practice can help our partners in the private sector, academia and government manage their risks and ensure the internet can be a source of innovation and growth. For example:
NIST is preparing for the future IT environment by developing new measurement technologies to characterize, evaluate and ultimately improve the security of IT systems. To stave off the potential for quantum computing’s disruption to cryptography, NIST is leading the cryptography community to develop post-quantum standards to secure future systems.
NIST leads the National Initiative for Cybersecurity Education (NICE) program in partnership with government, academia and industry. NICE works to accelerate learning and skills development, nurture a diverse learning community, and guide career development and workforce planning.
At the National Cybersecurity Center of Excellence, NIST brings together experts from industry, government and academia to develop cost-effective and easy-to-deploy cybersecurity approaches based on commercially available technologies. The center provides practice guides to accelerate adoption of these solutions.
To help companies evaluate and address their cybersecurity risks in this quickly evolving technology age, NIST developed the Cybersecurity Framework. Executive Order 13800 requires that all federal executive branch agencies use the NIST Framework to manage cybersecurity risk.