Quiz Entry - updated: 2026.07.14
What is NIST as an organisation?
NIST = National Institute of Standards and Technology — a US federal agency within the Department of Commerce, originally focused on physical metrology, now also one of the most influential cybersecurity standards publishers worldwide.
| NIST then | NIST now | |
|---|---|---|
| Original mission | Formalisation of "Standards for Weights and Measures" (mass, length, time, voltage references) | Same, plus IT/cyber publications |
| Current mission | Foster US industrial innovation and competitiveness through measurement science, standards, and technology |
NIST sits in Gaithersburg, MD and Boulder, CO. Outputs relevant to cybersecurity include:
- FIPS (Federal Information Processing Standards) — mandatory for US federal agencies.
- SP 800 series (Special Publications) — guidance, often de-facto standards (SP 800-53 controls, SP 800-30 risk).
- NIST CSF — the high-level cyber framework adopted globally.
- Cryptographic competitions — DES, AES (Rijndael), SHA-3 (Keccak), and the post-quantum process (CRYSTALS-Kyber, Dilithium).
Tip: NIST publishes everything for free, which is the single biggest reason NIST CSF + SP 800 dominate where ISO would otherwise — there's no €120-per-document barrier.
Go deeper:
NIST — About the agency (Wikipedia) — the Commerce agency's arc from the 1901 Bureau of Standards to today's cyber/crypto powerhouse.
NIST Cybersecurity Framework home — the hub for NIST's flagship free cyber output, showing why its publications spread without a paywall.