Cybersecurity

NIST implements practical cybersecurity and privacy through outreach and effective application of standards and best practices necessary for the U.S. to adopt cybersecurity capabilities.

With a world-class measurement and testing laboratory encompassing a wide range of areas of computer science, mathematics, statistics, and systems engineering, NIST’s cybersecurity program supports its overall mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and related technology through research and development in ways that enhance economic security and improve our quality of life. 

The need for cybersecurity standards and best practices that address interoperability, usability and privacy continues to be critical for the nation. NIST’s cybersecurity programs seek to enable greater development and application of practical, innovative security technologies and methodologies that enhance the country’s ability to address current and future computer and information security challenges. 

The Missing Link: Integrating Cybersecurity and ERM

NIST Webinar: The Missing Link: Integrating Cybersecurity and ERM
Held: June 19, 2020
Enterprise Risk Management (ERM) has recently been adopted as a best practice in the federal government. Information security and cybersecurity have long incorporated ERM principles as part of the layered approach to managing risks. However, to be effective, these functions need to communicate effectively to inform decisions on risk acceptance, impacts to strategic goals and objectives, and allocation of resources. A panel of experts will discuss ERM principles in leading cybersecurity frameworks and methods they have used to bring cybersecurity risks into context at the enterprise level. NIST’s recent Draft IR 8286 on “Integrating Cybersecurity and Enterprise Risk Management (ERM)” will also be discussed.

News and Updates

NICE Released the Summer 2020 eNewsletter

The Summer 2020 NICE eNewsletter has been published to provide subscribers information on academic, industry, and government developments related to the

Events

11th Annual NICE Conference and Expo

Mon, Nov 16 - Wed, Nov 18 2020
Save the date: November 16-18, 2020.

Industry Impacts

Wireless Infusion Pump Security

Infusion pumps were once standalone instruments that interacted only with the patient or medical provider. With technological improvements designed to enhance

Cybersecurity Framework

More than ever, organizations must balance a rapidly evolving cyber threat landscape against the need to fulfill business requirements. To help these

Projects and Programs

Trustworthy Networks of Things

NIST is working with industry to design, standardize, test and foster adoption of network-centric approaches to protect IoT devices from the Internet and to

Mobile Security and Forensics

Mobile devices, such as Personal Digital Assistants (PDAs), Blackberry, and cell phones, have become essential tools in our personal and professional lives. The

National Checklist Program

NIST maintains the National Checklist Repository, which is a publicly available resource that contains information on a variety of security configuration

Publications

Zero Trust Architecture

Author(s)
Scott W. Rose, Oliver Borchert, Stuart Mitchell, Sean Connelly
Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets

OpenFMB Proof of Concept Implementation Research

Author(s)
Michael J. Bartock, Rebecca Herold
A smart grid messaging framework is known as an Open Field Message Bus (OpenFMB), which was ratified by the North American Energy Standards Board (NAESB) in

Software

Baseline Tailor

Baseline Tailor is a software tool for using the United States government's Cybersecurity Framework and for tailoring the NIST Special Publication (SP) 800-53

Awards