U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

black background. light blue shield in the middle. circle of hashmarks and triangles around the shield.
Information Technology

Cybersecurity

NIST Cybersecurity Framework 2.0
Cybersecurity Framework
fingers on a laptop keyboard typing; text reads DATA PRIVACY. Locks connected by lines overlay the scene.
Privacy Framework
Image representing Risk Management
Risk Management Framework

NIST develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public. Our activities range from producing specific information that organizations can put into practice immediately to longer-term research that anticipates advances in technologies and future challenges.

Some NIST cybersecurity assignments are defined by federal statutes, executive orders and policies. For example, the Office of Management and Budget (OMB) mandates that all federal agencies implement NIST’s cybersecurity standards and guidance for non-national security systems. Our cybersecurity activities also are driven by the needs of U.S. industry and the broader public. We engage vigorously with stakeholders to set priorities and ensure that our resources address the key issues that they face. 

NIST also advances understanding and improves the management of privacy risks, some of which relate directly to cybersecurity.

Priority areas to which NIST contributes – and plans to focus more on – include cryptography, education and workforce, emerging technologies, risk management, identity and access management, measurements, privacy, trustworthy networks and trustworthy platforms.

Additional details can be found in these brief and more detailed fact sheets.

The President’s Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity  issued on May 12, 2021, charges multiple agencies – including NIST – with enhancing cybersecurity through a variety of initiatives related to the security and integrity of the software supply chain.

News

NIST Cybersecurity Framework wheel grahpic has external sections labeled Identify, Protect, Detect, Respond and Recover; internal circle is labeled Govern.

NIST Drafts Major Update to Its Widely Used Cybersecurity Framework

NIST has revised the framework to help benefit all sectors, not just critical infrastructure.
Read more
Group photo from O-RAN workshop on Zero Trust Standards in Mobile Networks.

NIST Participates in First Workshop on Zero Trust Architecture in Mobile Networks

Read more
an image of a hand with a trophy

NIST Wins Multiple CyberScoop 50 Awards

Read more
NCCoE Director Cherilyn Pascoe receives Montgomery County certificate from Montgomery County Executive Mr. Marc Elrich

NCCoE receives recognition from Montgomery County for significant role in advancing cybersecurity awareness and education

Read more
View cybersecurity publications

Videos

Protecting Your Small Business: Ransomware

Protecting Your Small Business: Ransomware

Protecting Your Small Business: Phishing

Protecting Your Small Business: Phishing

View All Videos

Cybersecurity Insights Blog

View cybersecurity events