Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

black background. light blue shield in the middle. circle of hashmarks and triangles around the shield.

Information Technology

Cybersecurity

Overview

NIST develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public. Our activities range from producing specific information that organizations can put into practice immediately to longer-term research that anticipates advances in technologies and future challenges.

It’s Cybersecurity Awareness Month. Check out NIST’s resources, events, and blogs!

Some NIST cybersecurity assignments are defined by federal statutes, executive orders and policies. For example, the Office of Management and Budget (OMB) mandates that all federal agencies implement NIST’s cybersecurity standards and guidance for non-national security systems. Our cybersecurity activities also are driven by the needs of U.S. industry and the broader public. We engage vigorously with stakeholders to set priorities and ensure that our resources address the key issues that they face.

NIST also advances understanding and improves the management of privacy risks, some of which relate directly to cybersecurity.

Priority areas to which NIST contributes – and plans to focus more on – include cryptography, education and workforce, emerging technologies, risk management, identity and access management, measurements, privacy, trustworthy networks and trustworthy platforms.

Additional details can be found in these brief and more detailed fact sheets.

Featured Content

Executive Order - Improving the Nation’s Cybersecurity

Cybersecurity for R&D

Computer Security Resource Center

Cybersecurity Framework

Journey to Cybersecurity Framework 2.0

Privacy Framework

Risk Management Framework

National Cybersecurity Center of Excellence

NICE

Small Business Cybersecurity Corner

Cybersecurity for IoT

NIST Cybersecurity Program History and Timeline

Cybersecurity Topics

Cryptography

Cybersecurity education and workforce development

Cybersecurity measurement

Identity & access management

Privacy engineering

Risk Management

Securing emerging technologies

Trustworthy networks

Trustworthy platforms

The Research

Projects & Programs

Exposure Notification – protecting workplaces and vulnerable communities during a pandemic

The goal of this project is to utilize NIST expertise in privacy, cybersecurity, machine learning, wireless technology, ranging, modeling, and hardware and

Trustworthy Networks of Things

Ongoing

NIST is working with industry to design, standardize, test and foster adoption of network-centric approaches to protect IoT devices from the Internet and to

Cryptographic Module Validation Program (CMVP)

Ongoing

The Cryptographic Module Validation Program (CMVP) is a joint effort between the National Institute of Standards and Technology under the Department of Commerce

Cyber-Physical Systems/Internet of Things for Smart Cities

Ongoing

Smart cities are enabled by cyber-physical systems (CPS), which involve connecting devices and systems – such as Internet of Things (IoT) technologies – in

View All Projects/Programs