NIST: National Institute of Standards and Technology

NIST, the National Institute of Standards and Technology, is one of the nation's oldest physical science laboratories. Established by Congress in 1901 to remove challenges to US industrial competitiveness, the agency has, over the years, provided technology, measurement, and standards that innumerable products and services rely on. Today, NIST is part of the US Department of Commerce. Standards from NIST are available both individually, directly through the ANSI webstore, and as part of a Standards Subscription. If you or your organization are interested in easy, managed, online access to standards that can be shared, a Standards Subscription may be what you need - please contact us at: [email protected] or 1-212-642-4980 or Request Proposal Price.

Below are NIST's best-selling standards. To find additional standards, please use the search bar above.

NIST Cybersecurity Framework v1.1

Framework for Improving Critical Infrastructure Cybersecurity

The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has released version 1.1 of its popular Framework for Improving Critical Infrastructure Cybersecurity, more widely known as the Cybersecurity Framework.  The framework was developed with a focus on industries vital to national and economic security, including energy, banking, communications and the defense industrial base. It has since proven flexible enough to be adopted voluntarily by large and small companies and organizations across all industry sectors, as well as by federal, state and local governments.  “The release of the Cybersecurity Framework Version 1.1 is a significant advance that truly reflects the success of the public-private model for addressing cybersecurity challenges,” said Under Secretary of Commerce for Standards and Technology and NIST Director Walter G. Copan. “From the very beginning, the Cybersecurity Framework has been a collaborative effort involving stakeholders from government, industry and academia. The impact of their work is evident in the widespread adoption of the framework by organizations across the United States, as well as internationally.”  Version 1.1 includes updates on:  authentication and identity, self-assessing cybersecurity risk, managing cybersecurity within the supply chain and vulnerability disclosure.