Computer Security Division
The Computer Security Division (CSD) develops cybersecurity standards, guidelines, tests, and metrics to protect federal information systems. CSD helps to develop innovative security technologies that enhance the nation’s ability to address current and future computer and information security challenges. CSD’s research focuses on cryptography, automation, identity and access management, the Internet of Things, and public safety networks. The Division maintains a Computer Security Resource Center (CSRC), which provides access to NIST's cybersecurity- and information security-related projects, publications, news, and events. CSRC supports stakeholders in government, industry, and academia—both in the United States and internationally.
Some engineers predict quantum computers will be a reality within the next 20 years. But it takes at least 20 years to deploy modern public key cryptography infrastructure. NIST is creating cryptographic systems that are secure against both quantum and present-day computers, while also interacting with existing communication protocol networks.
The National Vulnerability Database grants access to the U.S. Government’s repository of vulnerability management data, represented using the Security Automation Protocol. The data enables automation of vulnerability management, security measurement, and compliance. Users also have access to security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
Through the Cryptographic Module Validation Program, NIST verifies cryptographic modules based on cryptographic standards. Modules validated as conforming to specific standards are accepted by federal agencies for the protection of sensitive information.
Diane Honeycutt, Division Secretary
Division & CSRC Website Information:
Email Patrick O'Reilly
Division's Postal Address:
ITL - Computer Security Division
100 Bureau Drive, M/S 8930
Gaithersburg, MD 20899-8930