NIST AND SAN DIEGO REGIONAL EDC HOST LISTENING SESSION ON IMPLEMENTATION OF U.S. GOVERNMENT NATIONAL STANDARDS STRATEGY FOR CRITICAL AND EMERGING TECHNOLOGY

Small Businesses, Cybersecurity, Access to Information, and Workforce Development Among Topics Discussed

December 11, 2023

On December 11, 2023, the National Institute of Standards and Technology (NIST) and the San Diego Regional Economic Development Corporation (EDC) co-hosted a listening session to discuss the U.S. Government National Standards Strategy for Critical and Emerging Technology (USG NSSCET). The event was held at the University of California San Diego Park & Market location in downtown San Diego. 

The event featured opening remarks from Dr. Nikia Clarke, Senior Vice President, San Diego Regional EDC and Executive Director, World Trade Center San Diego; Aron Davidson, Director, San Diego and Imperial Office, U.S. Commercial Service, U.S. Department of Commerce; Dr. Charles Romine, NIST Associate Director for Laboratory Programs; Dr. Jayne Morrow, NIST Senior Advisor for Standards Policy; and Kevin Stine, NIST Director of the Information Technology Laboratory. 

The event featured a morning roundtable and an afternoon panel discussion. Participants and panelists included representatives from industry, government, and academia. The event touched on topics of significance in Southern California. 

Workforce Development

Participants and panelists highlighted the importance of investing in students and supporting the standards workforce of the future, especially mid-career professionals interested in standards and critical and emerging technology areas.

Small and Medium-size Enterprises

Attendees voiced thoughts regarding the challenges small and medium-size businesses face when it comes to standards. Most are unsure of where to look for standards-related information, so they know how to engage in standards activities. For businesses with less than 10 employees, it’s difficult to participate in standards without adequate support and bandwidth, especially from the cybersecurity perspective. Several individuals recommended the use of a model or methodology to support standards development and implementation.  

Cybersecurity 

Participants noted that there is a lack of common understanding of what standards means for cybersecurity, and how it impacts market risk. Small enterprises do not have bandwidth to support a cybersecurity posture, and it is hard for them to understand what to do next, such as obtaining access to secure domains and implementing best practices to protect and grow their business. Remote companies face different challenges with cybersecurity requirements. Those businesses could benefit from security awareness trainings and supplemental information on cybersecurity services and certifications, allowing small business leaders to become more familiar with them. 

Standards Information and the Role of the U.S. Government 

Most attendees agreed it is tough to find standards information, including details (e.g., supply chain, vaccines) for specific industries, and to maintain awareness of new developments in standards. Improving transparency and clear instructions on where to find information is vital to supporting standards activities, keeping the innovation pipeline going, and applying standards and guidelines in the early stages. 

Individuals representing academic institutions emphasized the need for government to develop synergy with such institutions, particularly those with many research pieces, which helps broaden the concept of public-private partnership. Also, participants noted that government could create an office to receive incoming requests from standards development organizations and build mechanics to track inquiries and responses.