The National Institute of Standards
and Technology (NIST)

The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, 标准, and technology in ways that enhance economic security and improve our quality of life. NIST promotes their mission by developing special publications that are devoted to specific information security topic. At bet9游戏平台 we have experience advising our clients using NIST guidance and frameworks such as:

NIST Cybersecurity Framework

Created through voluntary collaboration between industry and government, the Framework consists of 标准, 的指导方针, and practices to promote the protection of critical infrastructure. 的优先考虑, 灵活的, 可重复的, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.

NIST 800 - 53年

This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations..

NIST 800 - 61

This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively.

NIST 800 - 30

This document provides guidance for carrying out each of the three steps in the risk assessment process (i.e., prepare for the assessment, conduct the assessment, and maintain the assessment) and how risk assessments and other organizational risk management processes complement and inform each other.

NIST 800 - 171

This publication provides federal agencies with recommended requirements for protecting the confidentiality of Controlled Unclassified Information (CUI): (i) when the CUI is resident in nonfederal information systems and organizations; (ii) when the information systems where the CUI resides are not used or operated by contractors of federal agencies or other organizations on behalf of those agencies; and (iii) where there are no specific safeguarding requirements for protecting the confidentiality of CUI prescribed by the authorizing law, 监管, or government wide policy for the CUI category or subcategory listed in the CUI Registry.

NIST 800 - 82

This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, 可靠性, and safety requirements.

bet9游戏平台 NIST Assessment Approach

We begin our assessment by working closely with you to understand your business processes in order to understand the NIST special publication that best pertains to your organization . We will work with and interview key individuals within the business and information technology services responsible for compliance with the NIST special publication. We will evaluate your compliance with all control requirements through review of documentation supporting the operating effectiveness of controls. When our evaluation is complete, we will provide your organization with a detailed compliance assessment report outlining corrective action plans with a detailed roadmap for achieving NIST compliance.

View our additional IT Risk Advisory services and capabilities

Cybersecurity 资源


Explore our cybersecurity resource library, including case studies, 白皮书, best practices and expert thought leadership.

了解更多 >


bet9游戏平台’ experts deliver analysis about the cybersecurity trends that impact our clients and organizations of all types and sizes.

了解更多 >