The U.S. economy is a complex amalgamation of interconnected—and, often, interdependent—information systems. Besides e-commerce transactions totaling more than $200 billion annually, interconnected computer networks are essential for life-critical functions, such as air traffic control, integrated manufacturing operations, and electric power distribution. Ubiquitous and indispensable, networked systems face rising threat of malicious attack from individuals, organizations, and nation states that are targeting key information technology operations and assets. In fact, ["F]ederal agencies report increasing cyber-intrusions into government computer networks, perpetrated by a range of known and unknown actors."1
The Administration believes the reliability of U.S. cyber systems is essential to our economy, physical and information infrastructure, public safety, and national security, and has ordered a review of national cyber security efforts, which should help to guide efforts to defend against increasingly sophisticated attackers.
NIST has expertise and experience in fundamental security technologies, such as cryptography, risk management, biometrics, tokens, operating system security, security protocols, and authentication. Its strategic relationships with the IT community facilitate adoption of research outputs and resulting standards. This proposed initiative will:
Anticipated outcomes of this cyber security initiative will include:
1J. Rollins and A.C. Henning, Comprehensive National Cybersecurity Initiative: Legal Authorities and Policy Considerations. Congressional Research Service, March 10, 2009.