Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Overview
NIST develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public. Our activities range from producing specific information that organizations can put into practice immediately to longer-term research that anticipates advances in technologies and future challenges.
Some NIST cybersecurity assignments are defined by federal statutes, executive orders and policies. For example, the Office of Management and Budget (OMB) mandates that all federal agencies implement NIST’s cybersecurity standards and guidance for non-national security systems. Our cybersecurity activities also are driven by the needs of U.S. industry and the broader public. We engage vigorously with stakeholders to set priorities and ensure that our resources address the key issues that they face.
NIST also advances understanding and improves the management of privacy risks, some of which relate directly to cybersecurity.
Priority areas to which NIST contributes – and plans to focus more on – include cryptography, education and workforce, emerging technologies, risk management, identity and access management, measurements, privacy, trustworthy networks and trustworthy platforms.
Additional details can be found in these brief and more detailed fact sheets.
The initial summary of responses to NIST's February 2022 Cybersecurity Request for Information is now available.
Two recent cybersecurity supply chain projects are featured here: Executive Order 14028, Improving the Nation’s Cybersecurity and National Initiative for Improving Cybersecurity in Supply Chains.
Featured Content
Cybersecurity Topics
The Research
Additional Resources Links
Updating the NIST Cybersecurity Framework – Journey To CSF 2.0
The NIST Cybersecurity Framework was intended to be a living document that is refined, improved, and evolves over time. These updates help the Framework keep pace with technology and threat trends, integrate lessons learned, and move best practice to common practice. NIST initially produced the Framework in 2014 and updated it in April 2018 with CSF 1.1. Based on stakeholder feedback, in order to reflect the ever-evolving cybersecurity landscape and to help organizations more easily and effectively manage cybersecurity risk, NIST is planning a new, more significant update to the Framework: CSF 2.0.
News
NIST Updates Cybersecurity Guidance for Supply Chain Risk Management
NIST Seeks Inputs on its Draft Guide to Operational Technology Security
NIST Requests Public Comment on Draft Guidance for 5G Cybersecurity
NIST Releases Study on Blockchain and Related Technologies for Manufacturing Supply Chain Traceability
Cybersecurity Insights Blog
Events
Stay in Touch
Sign up for our newsletter to stay up to date with the latest research, trends, and news for Cybersecurity.