NIST Latest 2022

What is NIST?

NIST (National Institute of Standards and Technology) is a non-regulatory government agency that develops technology, metrics, and standards to drive innovation and economic competitiveness at U.S.-based organizations in the science and technology industry.

As part of this effort, NIST produces standards and guidelines to help federal agencies meet the requirements of the Federal Information Security Management Act (FISMA). NIST also assists those agencies in protecting their information and information systems through cost-effective programs.

Applicability


NIST is a federal agency within the United States Department of Commerce. NIST’s mission is to develop and promote measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life.

NIST is also responsible for establishing computer- and information technology-related standards and guidelines for federal agencies to use. Many private sector organizations have made widespread use of these standards and guidelines voluntarily for several decades, especially those related to information security.

Objective

The NIST CSF uses these 5 core areas to evaluate security controls: 

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

These five areas represent the lifecycle of cybersecurity risk. Each area has categories tied to specific needs and activities. Each category is further broken down into subcategories, standards, guidelines, and practices which are needed to accomplish the outcome for that category.

Approach

Our approach is covered in the phases below:

Phase 1: Understand Business Process
Understanding the environment and management’s expectations along with the policies and procedures.

Phase 2: Identify Risks and Controls
Identify target processes and understand the process flow, risk, information assets and controls pertaining to processes. 

Phase 3: Controls Design Testing
Identify controls based on NIST and prepare the issue and opportunity registers, test the control design and identify deficiencies. Prepare a risk mitigation plan and calculate the residual risks.

Phase 4: Controls Evaluation
Perform an internal audit and identify the control weaknesses and the impact of deficiencies.

Phase 5: Reporting

The National Institute of Standards and Technology (NIST) is a physical sciences laboratory and non-regulatory agency of the United States Department of Commerce. Its mission is to promote American innovation and industrial competitiveness.

NIST’s activities are organized into laboratory programs that include nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement. From 1901 to 1988, the agency was named the National Bureau of Standards.

Bureau of Standards (1901-1988)


In 1901, in response to a bill proposed by Congressman James H. Southard (R, Ohio), the National Bureau of Standards was founded with the mandate to provide standard weights and measures, and to serve as the national physical laboratory for the United States. (Southard had previously sponsored a bill for metric conversion of the United States.)


President Theodore Roosevelt appointed Samuel W. Stratton as the first director. The budget for the first year of operation was $40,000. The Bureau took custody of the copies of the kilogram and meter bars that were the standards for US measures, and set up a program to provide metrology services for United States scientific and commercial users.

A laboratory site was constructed in Washington, DC, and instruments were acquired from the national physical laboratories of Europe. In addition to weights and measures, the Bureau developed instruments for electrical units and for measurement of light. In 1905 a meeting was called that would be the first “National Conference on Weights and Measures”.

Initially conceived as purely a metrology agency, the Bureau of Standards was directed by Herbert Hoover to set up divisions to develop commercial standards for materials and products.

Some of these standards were for products intended for government use, but product standards also affected private-sector consumption. Quality standards were developed for products including some types of clothing, automobile brake systems and headlamps, antifreeze, and electrical safety.

During World War I, the Bureau worked on multiple problems related to war production, even operating its own facility to produce optical glass when European supplies were cut off. Between the wars, Harry Diamond of the Bureau developed a blind approach radio aircraft landing system.

During World War II, military research and development was carried out, including development of radio propagation forecast methods, the proximity fuze and the standardized airframe used originally for Project Pigeon, and shortly afterwards the autonomously radar-guided Bat anti-ship guided bomb and the Kingfisher family of torpedo-carrying missiles.


In 1948, financed by the United States Air Force, the Bureau began design and construction of SEAC, the Standards Eastern Automatic Computer. The computer went into operation in May 1950 using a combination of vacuum tubes and solid-state diode logic. About the same time, the Standards Western Automatic Computer was built at the Los Angeles office of the NBS by Harry Huskey and used for research there. A mobile version, DYSEAC, was built for the Signal Corps in 1954.

National Institute of Standards and Technology (from 1988)


Due to a changing mission, the “National Bureau of Standards” became the “National Institute of Standards and Technology” in 1988.

Following September 11, 2001, NIST conducted the official investigation into the collapse of the World Trade Center buildings.

Following the 2021 Surfside condominium building collapse, NIST sent engineers to the site to investigate the cause of the collapse.

In 2019, NIST launched a program named NIST on a Chip to decrease the size of instruments from lab machines to chip size. Applications include aircraft testing, communication with satellites for navigation purposes, and temperature and pressure.
