National Cybersecurity Center of Excellence (NCCoE)

This public-private partnership enables the creation of practical cybersecurity solutions for specific industries or broad, cross-sector technology challenges. Working with technology partners—from Fortune 50 market leaders to smaller companies specializing in IT security— the NCCoE develops modular, easily adaptable example cybersecurity solutions demonstrating how to apply standards and best practices using commercially available technology. The NCCoE documents these example solutions in the NIST Special Publication 1800 series, which maps capabilities to the NIST Cyber Security Framework and details the steps needed for another entity to recreate the example solution. The NCCoE was established in 2012 by NIST in partnership with the State of Maryland and Montgomery County, Md.

Find out more about us.

News and Updates

Four officials sit at a table signing documents in front of banners for the NIST National Cybersecurity Center of Excellence.

NIST’s National Cybersecurity Center of Excellence Renews Partnerships With State, County

March 7, 2023

Also launched: the NIST Small Business Cybersecurity Community of Interest.

Cybersecurity of Genomic Data: Draft NIST IR 8432 Available for Public Comment

March 3, 2023

The National Cybersecurity Center of Excellence (NCCoE) has published the initial public draft of NIST Internal Report (NIST IR) 8432, Cybersecurity of Genomic

Hardware Enabled Security: Draft NIST IR 8320D Available for Comment

February 23, 2023

The National Cybersecurity Center of Excellence (NCCoE) has released a draft report, NIST Interagency Report (NISTIR) 8320D, Hardware Enabled Security: Hardware

NIST Revises the Foundational PNT Profile for Positioning, Navigation, and Timing (PNT) Services: NIST IR 8323r1

January 31, 2023

Today, NIST is publishing NIST IR 8323r1, Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and

Publications

Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services

January 31, 2023

Author(s)

James McCarthy, Ya-Shian Li-Baboud, Joseph Brule, Karri Meldorf

The national and economic security of the United States (U.S.) is dependent upon the reliable functioning of the nation's critical infrastructure. Positioning

Cybersecurity Framework Profile for Hybrid Satellite Networks (HSN): Final Annotated Outline

November 3, 2022

Author(s)

James McCarthy, Joseph Brule, Dan Mamula, Karri Meldorf

The objective of this Cybersecurity Profile is to identify an approach to assess the cybersecurity posture of Hybrid Satellite Networks (HSN) that provide

Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments

April 20, 2022

Author(s)

Murugiah Souppaya, Michael Bartock, Karen Scarfone, Donna Dodson, Daniel Carroll, Gina Scinta, Hemma Prafullchandra, Harmeet Singh, Raghuram Yeluri, Tim Shea, Carlos Phoenix, Robert Masten, Paul Massis, Jason Malnar, Michael Dalton, Anthony Dukes, Brenda Swarts, Rajeev Ghandi, Laura Storey, Rocky Weber, Jeff Haskins

A cloud workload is an abstraction of the actual instance of a functional application that is virtualized or containerized to include compute, storage, and

Hardware-Enabled Security: Policy-Based Governance in Trusted Container Platforms

April 20, 2022

Author(s)

Michael Bartock, Murugiah Souppaya, Haidong Xia, Raghu Yeluri, Uttam Shetty, Brandon Lum, Mariusz Sabath, Harmeet Singh, Alaa Youssef, Gosia Steinder, Yu Cao, Jayashree Ramanathan

In today's cloud data centers and edge computing, attack surfaces have significantly increased, cyber attacks are industrialized, and most security control

Awards

2021 - Gold Medal Award---Naomi Lefkovitz, Kaitlin Boeckl, Nakia Grayson, Maihuong Nguyen, Lisa Carnahan, Victoria Pillitteri, Adam Sedgewick, Dylan Gilbert

For exceptional leadership in developing, and driving adoption of, a novel framework to manage privacy risk while maximizing the beneficial uses of data.

2020 - Judson C. French Award---Douglas White, Megan Ogata, Austin Snelick, Alexander Nelson, Eric Trapnell, Michael Ogata, Robert Byers, Gurmindersingh (Gini) J. Khalsa, Craig Russell, Mary Laamanen

For dramatic enhancements to law enforcement’s ability to identify child exploitation imagery through NIST’s National Software Reference Library.

2020 - Samuel J. Heyman Service to America Medal---Donna F. Dodson

Recognized as one of the nation’s premier cybersecurity expert

Folk, Thomson, Conrad, Densock, Fisher, Bly, Smith, Ramsburg, Flanagan, Patel

2016 - Bronze Medal Award---Beth Mary Bly, Bill Fisher, Cheri Smith, Deana Ramsburg, Alex Folk, Jatin Patel, Jerome “Jay” Thomson, Kevin Conrad, Lynn Flanagan, Rob Densock

For designing and constructing an innovative facility allowing stakeholders to collaborate and solve the nation’s pressing cybersecurity challenges.

Press Coverage

Wireless Infusion Pumps Could Increase Cybersecurity Vulnerability

HealthITSecurity

August 28, 2018

Wirelessly connecting infusion pumps to point-of-care medication systems and EHRs improves healthcare delivery but also increases cybersecurity vulnerability

NIST issues guidance for protecting medical IoT devices

SC Magazine

August 28, 2018

The incredible advancements that have turned what were once standalone pieces of medical equipment into IoT devices do enable better care for patients, but at