Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity

NIST implements practical cybersecurity and privacy through outreach and effective application of standards and best practices necessary for the U.S. to adopt cybersecurity capabilities.

With a world-class measurement and testing laboratory encompassing a wide range of areas of computer science, mathematics, statistics, and systems engineering, NIST’s cybersecurity program supports its overall mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and related technology through research and development in ways that enhance economic security and improve our quality of life. 

The need for cybersecurity standards and best practices that address interoperability, usability and privacy continues to be critical for the nation. NIST’s cybersecurity programs seek to enable greater development and application of practical, innovative security technologies and methodologies that enhance the country’s ability to address current and future computer and information security challenges. 

The Missing Link: Integrating Cybersecurity and ERM

NIST Webinar: The Missing Link: Integrating Cybersecurity and ERM
Held: June 19, 2020
Enterprise Risk Management (ERM) has recently been adopted as a best practice in the federal government. Information security and cybersecurity have long incorporated ERM principles as part of the layered approach to managing risks. However, to be effective, these functions need to communicate effectively to inform decisions at on risk acceptance, impacts to strategic goals and objectives, and allocation of resources. A panel of experts will discuss ERM principles in leading cybersecurity frameworks and methods they have used to bring cybersecurity risks into context at the enterprise level. NIST’s recent Draft IR 8286 on “Integrating Cybersecurity and Enterprise Risk Management (ERM)” will also be discussed.

News and Updates

Events

11th Annual NICE Conference and Expo

Tue, Oct 27 - Mon, Nov 16 2020
11th ANNUAL NICE CONFERENCE AND EXPO October 27, November 5, November 9, and November 16, 2020 Visit the Conference

Industry Impacts

Wireless Infusion Pump Security

Infusion pumps were once standalone instruments that interacted only with the patient or medical provider. With technological improvements designed to enhance

Cybersecurity Framework

More than ever, organizations must balance a rapidly evolving cyber threat landscape against the need to fulfill business requirements. To help these

Projects and Programs

Trustworthy Networks of Things

NIST is working with industry to design, standardize, test and foster adoption of network-centric approaches to protect IoT devices from the Internet and to

Mobile Security and Forensics

Mobile devices, such as Personal Digital Assistants (PDAs), Blackberry, and cell phones have become essential tools in our personal and professional lives. The

Publications

Cybersecurity Framework Version 1.1 Manufacturing Profile

Author(s)
Keith A. Stouffer, Timothy A. Zimmerman, CheeYee Tang, Michael J. Pease, Jeffrey A. Cichonski, John McCarthy
This document provides the Cybersecurity Framework (CSF) Version 1.1 implementation details developed for the manufacturing environment. The "Manufacturing

Software

Baseline Tailor

Baseline Tailor is a software tool for using the United States government's Cybersecurity Framework and for tailoring the NIST Special Publication (SP) 800-53

Awards