Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Stakeholders: The “Be-All and End-All” of NIST’s Cybersecurity and Privacy Work

Cybersecurity background

When it comes down to it, NIST’s cybersecurity and privacy work is all about its stakeholders. Our researchers and other staff can do the most extraordinary work to advance the state of the art or solve problems in these areas – but our success truly should only be measured by the difference we make in providing the best possible and most useful tools and information.

That’s why we put such a high premium on engaging with the public and private sectors, academia, and other stakeholders. NIST counts on developers, providers, and everyday users of cybersecurity and privacy technologies and information to provide input that we can use to help guide our priorities. This engagement also helps us to decide on the best methods and formats for delivering our information and services. In short, listening to and working with stakeholders enables NIST to produce useful and technically correct resources.

And it’s why we offer a variety of methods to do that. NIST engages in many ways – informal and formal. We participate with others in developing guidelines, coordinate and conduct joint activities with federal agencies, take part in international initiatives and information sharing, convene and participate in special topic forums and workshops, collaborate via research with industry and academia, solicit and receive comments on publications, and listen closely. 

That’s a mode of operation for NIST as a whole, and it is especially true in our cybersecurity and privacy work as we take on challenging tasks. That was true in 2013 when NIST was directed to develop the “Framework for Improving Critical Infrastructure Cybersecurity,” better known today as the NIST Cybersecurity Framework. We made a concerted effort to fully engage not just with the critical infrastructure sectors but with all who were interested in forging a flexible, risk-based approach for managing cybersecurity. It was a successful approach that we have used before and since, emblematic of our interest in convening and hearing from all stakeholders. We receive plenty of kudos for that style of doing business, and we aim to repeat this success and to continue to find the most effective and efficient ways to actively listen to and work together with others.

In that spirit, we’ve just launched a new web page to encourage even greater participation and collaboration with us. I encourage you to check out the NIST “Cybersecurity & Privacy Stakeholder Engagement” page here: https://www.nist.gov/cybersecurity/cybersecurity-privacy-stakeholder-engagement. In addition to NIST’s specific program pages which provide you with opportunities to offer suggestions about and reactions to our work, this new page describes in one location the multiple methods for engaging with us. And if you have thoughts to share – including other approaches we might use to better or more conveniently connect with you – but aren’t sure about how best to engage, just email us at cybersecurity-privacy [at] nist.gov (cybersecurity-privacy[at]nist[dot]gov) or tweet us @NISTcyber. We’re standing by.

About the author

Kevin Stine

Mr. Kevin Stine is the Chief of the Applied Cybersecurity Division in the National Institute of Standards and Technology’s Information Technology Laboratory (ITL). He is also NIST's Acting Chief Cybersecurity Advisor and Acting Associate Director for Cybersecurity in NIST's ITL. In these roles, he leads NIST collaborations with industry, academia, and government to improve cybersecurity and privacy risk management through the effective application of standards, best practices, and technologies. The Applied Cybersecurity Division develops cybersecurity and privacy guidelines, tools, and reference architectures in diverse areas such as public safety communications; health information technology; smart grid, cyber physical, and industrial control systems; and programs focused on outreach to small businesses and federal agencies. The Division is home to several priority programs including the National Cybersecurity Center of Excellence, Cybersecurity Framework, Cybersecurity for IoT, Identity and Access Management, Privacy Engineering and Risk Management, and the National Initiative for Cybersecurity Education. 

Comments

Add new comment

CAPTCHA
Image CAPTCHA
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.