Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Security Engineering and Risk Management

We research, develop and promote a comprehensive suite of security engineering and risk management standards and guidelines.

Overview

Program areas include a diverse suite of security work designed to be applied throughout the system lifecycle for any size or type of organization.

For more information regarding the Security Engineering and Risk Management Group, visit the CSRC website.

Projects / Programs

Publications

2022 Cybersecurity & Privacy Annual Report

Author(s)
Patrick D. O'Reilly, Kristina Rigopoulos, Larry Feldman, Greg Witte
During Fiscal Year 2022 (FY 2022) – from October 1, 2021, through September 30, 2022 –the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy

Engineering Trustworthy Secure Systems

Author(s)
Ronald S. Ross, Mark Winstead, Michael McEvilley
This publication describes a basis for establishing principles, concepts, activities, and tasks for engineering trustworthy secure systems. Such principles

2021 Cybersecurity and Privacy Annual Report

Author(s)
Patrick D. O'Reilly, Kristina Rigopoulos, Greg Witte, Larry Feldman
During Fiscal Year 2021 (FY 2021) – from October 1, 2020, through September 30, 2021 – the NIST Information Technology Laboratory (ITL) Cybersecurity and

Awards

Contacts

Group Manager: