Stakeholders are a very important force behind NIST’s cybersecurity and privacy programs. NIST counts on developers, providers, and everyday users of cybersecurity and privacy technologies/information to guide our priorities in serving the public and private sectors. Stakeholders also are critical when it comes to decisions about the best methods and formats for delivering our information and services.
NIST engages in many ways-- informal and formal. We participate with others in developing standards, coordinate and conduct joint activities with federal agencies, take part in international initiatives and information sharing, convene special topic forums and workshops, collaborate via research with industry and academia, solicit and receive comments on publications, and listen closely. Some methods are highlighted below and on program pages.
NIST has created issue-specific groups of professionals to discuss and share ideas and questions in an informal setting. Several of the Forums noted below are open to specific federal audiences only in order to facilitate important and potentially sensitive discussions.
Software and Supply Chain Assurance (SSCA) Forum ThisForum provides a venue for government, industry, and academic participants from around the world to share their knowledge and expertise regarding software and supply chain risks, effective practices and mitigation strategies, tools and technologies, and any gaps related to the people, processes, or technologies involved.
Federal Cybersecurity and Privacy Professionals Forum Through quarterly meetings and an email list, the Forum provides a venue to share ideas and best practices, resources, and knowledge along with an opportunity to leverage work in other organizations to reduce duplication and to offer access to a community and network of cybersecurity and privacy professionals. Open to cybersecurity and privacy professionals from U.S. federal, state, and local government agencies, higher education organizations, and their support contractors.
Federal Cyber Supply Chain Risk Management (C-SCRM) Forum The Forum fosters collaboration and the exchange of C-SCRM information among federal organizations to improve the security of federal supply chains. Through meetings and informal exchanges, the Forum offers agencies an opportunity to discuss issues of interest with – and to inform – many of those leading C-SCRM efforts in the federal ecosystem. Open to cybersecurity and privacy professionals from U.S. federal, state, and local government agencies and their support contractors.
Federal Information Security Educators
Federal Information Security Educators (FISSEA) founded in 1987, is an organization run by and for federal government information security professionals to assist federal agencies in strengthening their employee cybersecurity awareness and training programs. It serves as a forum for exchanging information and improving information systems security awareness and training programs throughout the federal government.
Communities of Interest (COI)
A COI is a group of professionals and advisors that share business insights, technical expertise, challenges, and perspectives.
National Cybersecurity Center of Excellence (NCCoE) The NCCoE relies on COIs as a way for experts and innovators to provide real-world cybersecurity challenges and inform its standards-based cybersecurity integrations that address business needs. COIs often include senior-level professionals and researchers from the private, public, and academic sectors. Members (there is no cost) typically meet monthly by teleconference.
NICE Framework Users Group This forum is for users (employers, learners, and education and training and credential providers) of the Workforce Framework for Cybersecurity (NICE Framework) to share and learn through questions, insights, or mutual support how they can use the NICE Framework and its associated components.
NICE Community Coordinating Council This council provides enables publicand private sector participants to develop concepts, design strategies, and pursue actions that advance cybersecurity education, training, and workforce development.
Privacy Engineering Collaboration Space This online venue allows practitioners to discover, share, discuss, and improve upon open source tools, solutions, and processes that support privacy engineering and risk
Privacy Workforce Public Working Group
The Privacy Workforce Public Working Group (PWWG) provides a forum for participants from the general public, including private industry, the public sector, academia, and civil society, to create the content of the NIST Privacy Workforce Taxonomy.
NIST frequently convenes organizations and individual experts to help guide programs or to discuss key technical issues.
National Cybersecurity Center of Excellence (NCCoE) Companies, government agencies, and others participate in building and deploying standards-based cybersecurity example solutions. Collaborators can suggest or help define problems to address, support development of reference designs, and test them in real-world environments. NCCoE encourages feedback on its practice guides from users, integrators, and others interested in deploying our example solutions. NIST solicits project-specific collaborators through Cooperative Research and Development Agreements (CRADAs) via project announcements.
Another vehicle for collaboration: NCCoE has joined with U.S. companies through a formal initiative, the National Cybersecurity Excellence Partnership (NCEP). In addition to contributing hardware, software, and other equipment and products to the NCCoE’s test environments, formal partners may designate guest researchers to work at the center in person or remotely.
Grants and Cooperative Agreements NIST’s Information Technology Laboratory (ITL) awards grants and cooperative agreements for Measurement Science and Engineering (MSE) Research Grant Programs.Grants support research or a recipient’s portion of collaborative research in a range of areas, including cybersecurity and privacy. NIST also issues Federal Funding Opportunities from time-to-time.
NIST works with industry and other agencies to develop cybersecurity and privacy standards through voluntary consensus standards developing organizations (SDOs). International standards alignment and harmonization is advanced by that participation and by inclusion of NIST-developed approaches. Since 1984, the NIST Information Technology Laboratory (ITL) and its predecessor organizations have been accredited by the American National Standards Institute (ANSI) as a standards developer.
Email contacts are listed on many of our project pages, along with opportunities to receive regular notices. Don’t see one or want to address a different topic? Let us know at cybersecurity-privacy [at] nist.gov or use Twitter @NISTcyber Twitter.