Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Victoria Yan Pillitteri (Fed)

Acting Manager, Security Engineering and Risk Management Group

Victoria Yan Pillitteri is a supervisory computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST).  Ms. Pillitteri is the Acting Manager of the Security Engineering and Risk Management Group and also leads the Risk Management Framework/Federal Information Security Modernization Act (FISMA) Implementation Project, that conducts the research and development of the suite of risk management guidance used for managing cybersecurity risk in the federal government. She serves as the lead of the Joint Task Force working group, a partnership with Department of Defense, the Intelligence Community and Civilian Agencies to develop a unified security framework used across USG, and is co-chair of the Federal Cybersecurity and Privacy Professionals Forum hosted by NIST. 

Ms. Pillitteri previously led programs in smart grid and cyber-physical systems cybersecurity, worked on the Framework for Improving Critical Infrastructure Cybersecurity, the Privacy Framework, and served as a program analyst in the NIST Office of the Director.

Ms. Pillitteri holds a B.S. in Electrical Engineering from the University of Maryland, a M.S in Computer Science, with a concentration in Information Assurance, from the George Washington University, and is a Certified Information Systems Security Professional (CISSP). She has completed a Senior Executive Service Candidate Development Program (SES CDP) and is SES certified by the Office of Personnel Management.


Approaches for Federal Agencies to Use the Cybersecurity Framework

Jeffrey Marron, Victoria Yan Pillitteri, Jon M. Boyens, Stephen Quinn, Gregory Witte
The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a

Managing the Security of Information Exchanges

Kelley L. Dempsey, Victoria Yan Pillitteri, Andrew Regenscheid
An organization often has mission and business-based needs to exchange (share) information with one or more other internal or external organizations via various
Created October 9, 2019, Updated February 4, 2022