Picture in your mind a typical US federal agency. Go ahead, close your eyes and imagine it. Seriously, do it. As you think about that agency, pick the first two adjectives that came to mind. Did they happen to be fresh and innovative? 

If not, then maybe you should take a look at today’s National Institute of Standards and Technology, or NIST for short. They’re one of the nation’s oldest physical science laboratories and part of the massive US Department of Commerce that employs over 45,000 people. I know, I know. These days it’s getting harder to connect big and old with fresh and innovative. With NIST, though, it’s actually true.

NIST is at the forefront of many things, and cybersecurity is definitely one of them. They’ve been publishing computer security standards and guidelines for decades now but in recent years they’ve taken a fresh, new approach. They sat down and collaborated with both public and private sector organizations to come up with an innovative new cybersecurity framework – one that’s easy to understand, one that helps organizations prioritize and cost-effectively tackle cyber risks, one that provides a common language to discuss cybersecurity, and one that references existing best practices from around the globe.

It’s the NIST Cybersecurity Framework, or CSF for short. As today’s cyber threats continue to grow in volume and sophistication — without enough cyber experts to go around — it’s more important than ever to have a simple and solid way to bring cyber risks down to an acceptable level. That’s what the CSF brings to the table. And it’s gaining momentum: In this infographic NIST cites Gartner research that says 30% of US organizations already use the CSF — a number that’ll grow 50% by 2020.

Recently NIST updated their website with a fresh new look and brand new tools. There are slick videos to explain what they do. For example, there’s a cool animated video on the Cybersecurity Framework page to make the CSF easy to understand. They’ve also published the CSF Reference Tool to help your organization adopt the Framework and customize it to your needs. And they’ve just drafted a Baldrige-Based Tool for Cybersecurity Excellence to help you measure just how effectively you’re using the NIST CSF. Today’s NIST looks nothing like a boring old laboratory.

So how does Cisco tie into this? Well, as an experienced IT company with thousands of employees worldwide, some might wonder whether there are any new or innovative ideas here either. Hey, we have news for you: Today’s Cisco is the clear cybersecurity leader. Did you hear that SC Magazine awarded us with the Best Security Company and Best Security Organization Awards this year?

There are many good reasons for that. In short, we’re making truly effective security simple, open, and automated. We’ve aligned our solutions with the NIST Cybersecurity Framework so that it’s easy to see and take advantage of the full range of our capabilities. And equally important, we’re ready to talk in the language of the Framework just as soon as you are. Check out our cool animated video to see how. 

Still don’t believe me that today’s NIST is fresh and innovative? Maybe you’re in doubt whether today’s Cisco is too? Then follow both of us on your favorite social media platform, like Twitter (@usnistgov and @CiscoSecurity). You’ll see.

Join the National Cyber Security Month conversation on Twitter @CiscoSecurity #CyberAware.


Steve Caimi

Industry Solutions Specialist

US Public Sector Cybersecurity