Glossary
The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the U.S. Department of Commerce. You can think of NIST as the science and technology expert for the United States. NIST is responsible for promoting U.S. innovation and industrial competitiveness by developing standards, measurements, and technologies. NIST encompasses many forms of science, but what has taken a more prominent role in the United States and globally is NIST's role in Cybersecurity.
In cybersecurity, NIST is perhaps best known for developing frameworks, guidelines, and publications that many organizations, both public and private, accept as authoritative in managing cybersecurity-related risks. NIST does not regulate or enforce laws (like SOX), but their guidelines have such a reputation for solid research and practicality that they stand as a standard for best practices for security, and serve as the basis for regulatory compliance in some instances.
Important Impacts of NIST to Cybersecurity
NIST provides many resources that are critical to building and maintaining a strong cybersecurity program:
NIST Cybersecurity Framework (CSF): This is perhaps NIST's most recognizable cybersecurity contribution. The Framework is an entirely voluntary framework, meaning it is intended for everybody regardless of size or sector, that provides organizations with a means of learning to understand, manage, and reduce cybersecurity risk. The framework describes a common language and different structure, made up of five functions:
Identify - Understand the organization’s assets, systems, capabilities, and risks.
Protect - Put safeguard measures in place to ensure delivery of critical services.
Detect - Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
Respond - Develop and implement the appropriate activities to take action regarding a detected cybersecurity incident.
Recover: Develop and carry out suitable activities to sustain plans for resilience and to restore any impaired configurations or capabilities of services due to a cybersecurity incident.
NIST Special Publications (SPs): These are lengthy documents providing detailed guidance on specific cybersecurity topics. Examples include:
NIST SP 800-53: provides a catalog of security and privacy controls for information systems and organizations, primarily for use by federal agencies and contractors.
NIST SP 800-63 (Digital Identity Guidelines): provides guidance on identity proofing, authentication, and federation that is very relevant to Identity and Access Management (IAM).
NIST SP 800-171: focuses on protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations.
NIST SP 800-207 (Zero Trust Architecture): provides guidance on an architecture to work with principles of Zero Trust Access.
Why NIST Standards are Critical for Present Cybersecurity
NIST's frameworks and publications are very useful for organizations who want to mature their cybersecurity posture, properly be able to manage risk, or show due diligence. NIST standards and publications are not only used by the U.S. government but are now the de facto standard for many industries around the world.
Here are the reasons NIST guidance is so valuable for today's world:
Comprehensive Risk Management: NIST has a structured, systematic approach to identifying, assessing, and managing cybersecurity risk. It encompasses more than just technical controls and also covers governance, processes, and people.
Best Practices and Guidance: Organizations can benefit from NIST's extensive research and experience on what good security looks like instead of going back to square one. NIST provides a valuable level of credibility to develop a solid foundation of good security practices.
Compliance Accelerator: While NIST does not set regulation, many regulatory authorities (for instance, the ones associated with HIPAA, GDPR, or many industries) cite or use NIST guidelines as a reference. If an organization is following NIST guidelines, that is a huge step in easing the whole process to achieve and be able to show compliance to a number of compliance mandates.
Common Language for Stakeholders: While the NIST CSF is particularly known for having a common language for technical teams, business people, and executives to talk about and understand cybersecurity risks and investments, this helps to bring everyone up to the same level of communication when it comes to risks and investments.
Adaptable and Flexible: NIST Frameworks are adaptable and flexible to organizations of any size, any sector, and adjusting to a changing threat landscape and changing technology (cloud, artificial intelligence).
Cost-efficient Security: NIST helps organizations help to prioritize security investments based upon the clear and actionable advice provided. Sometimes this can result in more effective use of an organization's resources and return on security investment.
Promotes Zero Trust Architectures: NIST has been a key promoter and developer of guidance for Zero Trust Access to allow organizations to shift away from many traditional security models to a more innovative and secure security model.
Guidance for Identity Security: With NIST’s focus on digital identity management (e.g. SP 800-63), NIST provides valuable guidance to protect both human and non-human identities, make sure authentication is strong, and manage the secure and consistent lifecycles of access.
ReShield's next generation identity security platform is designed specifically for NIST's principles. Our Identity and Access Management (IAM), Privileged Access Management (PAM), Identity Governance and Administration (IGA), Identity Security Posture Management (ISPM) solutions support NIST's Identify, Protect, Detect, Respond, and Recover functions. Ultimately, ReShield will enable organizations to achieve and demonstrate okay and adhere the principles [Typo: "demonstrate adherence to the principles"] of Least Privilege Access (LPA), Just-in-Time (JIT) Access, Separation of Duties (SoD), and continuous visibility of all human and machines identities [Typo: "machine identities"] that will provide the best chance to put the NIST framework in place, manage risk, and make compliance workable.
![](data:image/svg+xml,<svg aria-label="Vector" display="block" role="presentation" viewBox="0 0 66 13" xmlns="http://www.w3.org/2000/svg"><g d="M 9.6 0 L 6.4 0 C 6.179 0 6 0.179 6 0.4 L 6 12.174 C 6 12.327 6.088 12.467 6.226 12.534 C 6.364 12.601 6.528 12.583 6.648 12.488 L 9.848 9.961 C 9.944 9.885 10 9.77 10 9.648 L 10 0.4 C 10 0.179 9.821 0 9.6 0 Z M 4 1.889 C 4 1.398 4.398 1 4.889 1 C 4.95 1 5 1.05 5 1.111 L 5 11.111 C 5 11.602 4.602 12 4.111 12 C 4.05 12 4 11.95 4 11.889 Z M 2 3.889 C 2 3.398 2.398 3 2.889 3 C 2.95 3 3 3.05 3 3.111 L 3 10.111 C 3 10.602 2.602 11 2.111 11 C 2.05 11 2 10.95 2 10.889 Z M 0 5.889 C 0 5.398 0.398 5 0.889 5 C 0.95 5 1 5.05 1 5.111 L 1 8.111 C 1 8.602 0.602 9 0.111 9 C 0.05 9 0 8.95 0 8.889 Z M 15.78 6.036 L 15.78 9.849 L 14 9.849 L 14 0 L 17.993 0 C 20.219 0 21.611 1.029 21.611 3.018 C 21.611 4.568 20.748 5.556 19.287 5.898 L 21.861 9.849 L 19.83 9.849 L 17.395 6.036 Z M 15.78 4.526 L 17.896 4.526 C 19.176 4.526 19.858 3.978 19.858 3.018 C 19.858 2.044 19.176 1.508 17.896 1.508 L 15.78 1.508 L 15.78 4.527 Z M 25.973 10 C 23.886 10 22.425 8.477 22.425 6.255 C 22.425 4.143 23.872 2.51 25.904 2.51 C 28.018 2.51 29.145 4.088 29.145 6.063 L 29.145 6.612 L 24.025 6.612 C 24.151 7.846 24.902 8.601 25.973 8.601 C 26.794 8.601 27.448 8.189 27.671 7.449 L 29.104 7.984 C 28.589 9.246 27.434 10 25.974 10 Z M 25.89 3.896 C 25.027 3.896 24.36 4.403 24.109 5.377 L 27.462 5.377 C 27.448 4.582 26.947 3.896 25.89 3.896 Z M 29.633 8.477 L 30.885 7.49 C 31.316 8.19 32.151 8.656 33 8.656 C 33.71 8.656 34.363 8.409 34.363 7.764 C 34.363 7.147 33.751 7.078 32.596 6.845 C 31.442 6.612 30.12 6.324 30.12 4.787 C 30.12 3.471 31.289 2.51 32.972 2.51 C 34.252 2.51 35.393 3.073 35.922 3.868 L 34.795 4.87 C 34.377 4.225 33.682 3.855 32.875 3.855 C 32.193 3.855 31.748 4.156 31.748 4.636 C 31.748 5.158 32.276 5.254 33.195 5.446 C 34.433 5.706 35.991 5.967 35.991 7.613 C 35.991 9.067 34.641 10 32.986 10 C 31.636 10 30.286 9.465 29.633 8.477 Z M 37.273 9.85 L 37.273 0 L 38.943 0 L 38.943 3.416 C 39.446 2.828 40.186 2.496 40.96 2.51 C 42.49 2.51 43.409 3.553 43.409 5.103 L 43.409 9.849 L 41.739 9.849 L 41.739 5.583 C 41.739 4.691 41.378 4.047 40.459 4.047 C 39.708 4.047 38.943 4.595 38.943 5.624 L 38.943 9.85 Z M 45.085 1.687 L 45.085 0 L 46.81 0 L 46.81 1.687 Z M 46.783 2.647 L 46.783 9.85 L 45.113 9.85 L 45.113 2.647 Z M 51.626 10 C 49.539 10 48.078 8.477 48.078 6.255 C 48.078 4.143 49.525 2.51 51.556 2.51 C 53.671 2.51 54.798 4.088 54.798 6.063 L 54.798 6.612 L 49.678 6.612 C 49.803 7.846 50.554 8.601 51.626 8.601 C 52.446 8.601 53.1 8.189 53.323 7.449 L 54.756 7.984 C 54.241 9.246 53.086 10 51.626 10 Z M 51.542 3.896 C 50.68 3.896 50.012 4.403 49.762 5.377 L 53.114 5.377 C 53.1 4.582 52.6 3.896 51.542 3.896 Z M 57.72 0 L 57.72 9.85 L 56.05 9.85 L 56.05 0 Z M 62.23 10 C 60.184 10 59.016 8.299 59.016 6.255 C 59.016 4.211 60.184 2.51 62.23 2.51 C 63.176 2.51 63.871 2.88 64.33 3.416 L 64.33 0 L 66 0 L 66 9.85 L 64.33 9.85 L 64.33 9.095 C 63.871 9.63 63.176 10 62.23 10 Z M 64.372 6.05 C 64.372 4.691 63.593 3.95 62.563 3.95 C 61.353 3.95 60.699 4.883 60.699 6.255 C 60.699 7.627 61.353 8.56 62.563 8.56 C 63.593 8.56 64.373 7.805 64.373 6.475 L 64.373 6.049 Z" fill="transparent" height="12.574162748448197px" id="QLfKMvzoW" width="65.99999884033204px"><path d="M 3.6 0 L 0.4 0 C 0.179 0 0 0.179 0 0.4 L 0 12.174 C 0 12.327 0.088 12.467 0.226 12.534 C 0.364 12.601 0.528 12.583 0.648 12.488 L 3.848 9.961 C 3.944 9.885 4 9.77 4 9.648 L 4 0.4 C 4 0.179 3.821 0 3.6 0 Z" fill="rgb(0, 117, 255)" height="12.57416274844826px" id="eDniqsBDd" transform="translate(6 0)" width="4px"/><path d="M 0 0.889 C 0 0.398 0.398 0 0.889 0 C 0.95 0 1 0.05 1 0.111 L 1 10.111 C 1 10.602 0.602 11 0.111 11 C 0.05 11 0 10.95 0 10.889 Z" fill="rgb(0, 200, 255)" height="11px" id="vpxu5xc_q" transform="translate(4 1)" width="1px"/><path d="M 0 0.889 C 0 0.398 0.398 0 0.889 0 C 0.95 0 1 0.05 1 0.111 L 1 7.111 C 1 7.602 0.602 8 0.111 8 C 0.05 8 0 7.95 0 7.889 Z" fill="rgb(0, 117, 255)" height="8px" id="zrDMDG6rG" transform="translate(2 3)" width="1px"/><path d="M 0 0.889 C 0 0.398 0.398 0 0.889 0 C 0.95 0 1 0.05 1 0.111 L 1 3.111 C 1 3.602 0.602 4 0.111 4 C 0.05 4 0 3.95 0 3.889 Z" fill="rgb(0, 200, 255)" height="4px" id="k04AzW6af" transform="translate(0 5)" width="1px"/><path d="M 1.78 6.036 L 1.78 9.849 L 0 9.849 L 0 0 L 3.993 0 C 6.219 0 7.611 1.029 7.611 3.018 C 7.611 4.568 6.748 5.556 5.287 5.898 L 7.861 9.849 L 5.83 9.849 L 3.395 6.036 Z M 1.78 4.526 L 3.896 4.526 C 5.176 4.526 5.858 3.978 5.858 3.018 C 5.858 2.044 5.176 1.508 3.896 1.508 L 1.78 1.508 L 1.78 4.527 Z M 11.973 10 C 9.886 10 8.425 8.477 8.425 6.255 C 8.425 4.143 9.872 2.51 11.904 2.51 C 14.018 2.51 15.145 4.088 15.145 6.063 L 15.145 6.612 L 10.025 6.612 C 10.151 7.846 10.902 8.601 11.973 8.601 C 12.794 8.601 13.448 8.189 13.671 7.449 L 15.104 7.984 C 14.589 9.246 13.434 10 11.974 10 Z M 11.89 3.896 C 11.027 3.896 10.36 4.403 10.109 5.377 L 13.462 5.377 C 13.448 4.582 12.947 3.896 11.89 3.896 Z M 15.633 8.477 L 16.885 7.49 C 17.316 8.19 18.151 8.656 19 8.656 C 19.71 8.656 20.363 8.409 20.363 7.764 C 20.363 7.147 19.751 7.078 18.596 6.845 C 17.442 6.612 16.12 6.324 16.12 4.787 C 16.12 3.471 17.289 2.51 18.972 2.51 C 20.252 2.51 21.393 3.073 21.922 3.868 L 20.795 4.87 C 20.377 4.225 19.682 3.855 18.875 3.855 C 18.193 3.855 17.748 4.156 17.748 4.636 C 17.748 5.158 18.276 5.254 19.195 5.446 C 20.433 5.706 21.991 5.967 21.991 7.613 C 21.991 9.067 20.641 10 18.986 10 C 17.636 10 16.286 9.465 15.633 8.477 Z M 23.273 9.85 L 23.273 0 L 24.943 0 L 24.943 3.416 C 25.446 2.828 26.186 2.496 26.96 2.51 C 28.49 2.51 29.409 3.553 29.409 5.103 L 29.409 9.849 L 27.739 9.849 L 27.739 5.583 C 27.739 4.691 27.378 4.047 26.459 4.047 C 25.708 4.047 24.943 4.595 24.943 5.624 L 24.943 9.85 Z M 31.085 1.687 L 31.085 0 L 32.81 0 L 32.81 1.687 Z M 32.783 2.647 L 32.783 9.85 L 31.113 9.85 L 31.113 2.647 Z M 37.626 10 C 35.539 10 34.078 8.477 34.078 6.255 C 34.078 4.143 35.525 2.51 37.556 2.51 C 39.671 2.51 40.798 4.088 40.798 6.063 L 40.798 6.612 L 35.678 6.612 C 35.803 7.846 36.554 8.601 37.626 8.601 C 38.446 8.601 39.1 8.189 39.323 7.449 L 40.756 7.984 C 40.241 9.246 39.086 10 37.626 10 Z M 37.542 3.896 C 36.68 3.896 36.012 4.403 35.762 5.377 L 39.114 5.377 C 39.1 4.582 38.6 3.896 37.542 3.896 Z M 43.72 0 L 43.72 9.85 L 42.05 9.85 L 42.05 0 Z M 48.23 10 C 46.184 10 45.016 8.299 45.016 6.255 C 45.016 4.211 46.184 2.51 48.23 2.51 C 49.176 2.51 49.871 2.88 50.33 3.416 L 50.33 0 L 52 0 L 52 9.85 L 50.33 9.85 L 50.33 9.095 C 49.871 9.63 49.176 10 48.23 10 Z M 50.372 6.05 C 50.372 4.691 49.593 3.95 48.563 3.95 C 47.353 3.95 46.699 4.883 46.699 6.255 C 46.699 7.627 47.353 8.56 48.563 8.56 C 49.593 8.56 50.373 7.805 50.373 6.475 L 50.373 6.049 Z" fill="rgb(255, 255, 255)" height="10px" id="uSPVddIXO" transform="translate(14 0)" width="51.99999884033203px"/></g></svg>)
