U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information Technology Laboratory /Computer Security Division

Security Engineering and Risk Management

We research, develop and promote a comprehensive suite of security engineering and risk management standards and guidelines.

Overview

Program areas include a diverse suite of security work designed to be applied throughout the system lifecycle for any size or type of organization.

For more information regarding the Security Engineering and Risk Management Group, visit the CSRC website.

Projects / Programs

Publications

Engineering Trustworthy Secure Systems

Author(s)
Ronald S. Ross, Mark Winstead, Michael McEvilley
This publication describes a basis for establishing principles, concepts, activities, and tasks for engineering trustworthy secure systems. Such principles

2021 Cybersecurity and Privacy Annual Report

Author(s)
Patrick D. O'Reilly, Kristina Rigopoulos, Greg Witte, Larry Feldman
During Fiscal Year 2021 (FY 2021) – from October 1, 2020, through September 30, 2021 – the NIST Information Technology Laboratory (ITL) Cybersecurity and

Managing the Security of Information Exchanges

Author(s)
Kelley L. Dempsey, Victoria Yan Pillitteri, Andrew Regenscheid
An organization often has mission and business-based needs to exchange (share) information with one or more other internal or external organizations via various

Awards

Contacts

Group Manager: