The Computer Security Division (CSD) develops cybersecurity standards, guidelines, tests, and metrics to protect federal information systems. CSD helps to develop innovative security technologies that enhance the nation’s ability to address current and future computer and information security challenges. CSD’s research focuses on cryptography, automation, identity and access management, the Internet of Things, and public safety networks. The Division maintains a Computer Security Resource Center (CSRC), which provides access to NIST's cybersecurity- and information security-related projects, publications, news, and events. CSRC supports U.S. and international stakeholders in government, industry, and academia.
Some engineers predict quantum computers will be a reality within the next 20 years. But it takes at least 20 years to deploy modern public key cryptography infrastructure. NIST is creating cryptographic systems that are secure against both quantum and present-day computers, while also interacting with existing communication protocol networks.
The National Vulnerability Database grants access to the U.S. Government’s repository of vulnerability management data, represented using the Security Automation Protocol. The data enables automation of vulnerability management, security measurement, and compliance. Users also have access to security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.
NIST verifies cryptographic modules based on cryptographic standards through the Cryptographic Module Validation Program. Modules validated as conforming to specific standards are accepted by federal agencies for the protection of sensitive information.