- Candidates for success stories may submit success story ideas to NIST before they prepare the document – or they may simply submit their drafts to NIST for review and approval.
- The selection and publication of success stories does not reflect validation or endorsement of any individual organization's approach to using the Cybersecurity Framework.
- All text will be approved both by NIST and the user organization before public release.
- Success stories must avoid text or images that suggest NIST’s endorsement (e.g., company logos).
- NIST will make success stories available on the Cybersecurity Framework website and as handouts. Organizations featured in success stories are encouraged to distribute them directly – but they should not use them to promote their products or services.
- Organizations featured in success story organizations will be asked to review and update text annually; outdated stories will be removed from NIST’s website.
How to Submit:
- Success Story correspondence (drafts, ideas, questions, etc.) should be addressed to firstname.lastname@example.org