U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

ones and zeros on top of a background with a lock graphic
Information Technology

Cybersecurity

Overview

With a world-class measurement and testing laboratory encompassing a wide range of areas of computer science, mathematics, statistics, and systems engineering, NIST’s cybersecurity program supports its overall mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and related technology through research and development in ways that enhance economic security and improve our quality of life. 

The need for cybersecurity standards and best practices that address interoperability, usability, and privacy continues to be critical for the nation. NIST’s cybersecurity programs seek to enable greater development and application of practical, innovative security technologies and methodologies that enhance the country’s ability to address current and future computer and information security challenges. 

October is Cybersecurity Awareness Month. Learn about how you can get involved, check out our resources and find out about upcoming events.

NIST develops cybersecurity standards, guidelines, best practices, and resources to meet the needs of U.S. industry, federal agencies, and the broader public. We carry out cybersecurity assignments defined by federal statutes, executive orders, and policies—including developing cybersecurity standards and guidelines for federal agencies. We also work closely with organizations in the public and private sectors to ensure that our information can be readily leveraged to address specific issues that they face.

Some of our primary areas of focus are highlighted in our Vitals Fact Sheets:

Featured Content

Executive Order - Improving the Nation’s Cybersecurity
Stakeholder Engagement
Computer Security Resource Center
Cybersecurity Framework
Privacy Framework
Risk Management Framework
Measurements for Information Security
Cybersecurity Insights Blog
National Cybersecurity Center of Excellence
National Initiative for Cybersecurity Education (NICE)
Small Business Cybersecurity Corner
Ransomware Resources

Cybersecurity Topics

The Research

Projects & Programs

Trustworthy Network of Things

Trustworthy Networks of Things

NIST is working with industry to design, standardize, test and foster adoption of network-centric approaches to protect IoT devices from the Internet and to
View All Projects/Programs

Additional Resources Links

Publications
Software
Awards
Arrow going into target

DHS, NIST Coordinate in Releasing Preliminary Cybersecurity Performance Goals for Critical Infrastructure Control Systems

Following up on President Biden’s July 28, 2021, National Security Memorandum on “Improving Cybersecurity for Critical Infrastructure Control Systems, the Department of Homeland Security (DHS) coordinated with NIST in developing preliminary cybersecurity performance goals that will drive adoption of effective practices and controls.

CISA and NIST identified nine categories of recommended cybersecurity practices and used these categories as the foundation for preliminary control system cybersecurity performance goals.

Learn more

News

Businessman hand holding money banknote for paying the key from hacker for unlock folder got ransomware malware virus computer. Vector illustration technology data privacy and security concept.

Ransomware Risk Management: Draft NISTIR 8374 Available for Comment

The National Cybersecurity Center of Excellence (NCCoE) has released a revised draft report, NIST Interagency or Internal Report (NISTIR) 8374, Cybersecurity Framework Profile for Ransomware Risk Management, for public comment. This revised draft addresses the public comments provided for the preliminary draft released in June 2021. Ransomware is a type of malware that encrypts an organization’s
Read more
800-53 Comment Page Image

New Online Tool to Improve Stakeholder Engagement with SP 800-53

Read more
Smart industry, manufacturing and logistics innovation: automation, robotization, cloud computing, 3D printing and AR

NIST Requesting Comments on Protecting Information and System Integrity in Industrial Control System Environments: Cybersecurity for the Manufacturing Sector

Read more
Image of light beams crossing over an industrial picture representing networks

Federal Government Perspectives on Managing Supply Chain Cybersecurity Risks to Computing Devices Webinar

Read more

Cybersecurity Insights Blog

differential privacy blog series banner

Automatic Proofs of Differential Privacy

We are excited to introduce our fourth guest author in this blog series, Chike Abuah, PhD student in computer science at the University of Vermont, whose

Events

FISSEA Winter Forum: February 15, 2022

Tue, Feb 15 2022, 1:00 - 4:00pm EST
The FISSEA Forums are quarterly meetings to provide opportunities for policy and programmatic updates, the exchange of

Stay in Touch

Sign up for our newsletter to stay up to date with the latest research, trends, and news for Cybersecurity.