Visit complete Cyber Security roadmap

← Back to Topics List


NIST is an agency under the U.S. Department of Commerce that develops and promotes measurement, standards, and technology. One of their primary responsibilities is the development of cyber security standards and guidelines, which help organizations improve their security posture by following the best practices and recommendations laid out by NIST.

Some important NIST publications related to cyber security are:

NIST Cybersecurity Framework

The NIST Cybersecurity Framework provides a structure for managing cyber risks and helps organizations understand, communicate, and manage their cyber risks. It outlines five core functions:

  • Identify – Develop understanding of risks to systems, assets, data, and capabilities
  • Protect – Implement safeguards to ensure delivery of critical infrastructure services
  • Detect – Identify occurrence of a cybersecurity event in a timely manner
  • Respond – Take action on detected cybersecurity events to contain the impact
  • Recover – Maintain plans for resilience and restore capabilities or services impaired due to a cybersecurity event

NIST Special Publication 800-53 (SP 800-53)

NIST SP 800-53 provides guidelines for selecting security and privacy controls for federal information systems as well as for systems that process federal information. This publication defines specific security and privacy controls that can be applied to address various risk factors and offers guidance on tailoring these controls for the unique needs of an organization.

NIST Special Publication 800-171 (SP 800-171)

NIST SP 800-171 addresses security requirements for protecting controlled unclassified information (CUI) in non-federal information systems and organizations. It is particularly relevant for entities that work with federal agencies, as they must meet these requirements in order to manage and safeguard CUI effectively.

NIST Risk Management Framework (RMF)

The NIST Risk Management Framework provides a structured process for organizations to manage security and privacy risks using NIST guidelines and standards. This framework consists of six steps:

  • Categorize Information Systems
  • Select Security Controls
  • Implement Security Controls
  • Assess Security Controls
  • Authorize Information Systems
  • Monitor Security Controls

By following NIST cyber security standards, organizations can reduce their vulnerability to cyber-attacks and enhance their overall security posture.

Community is the 6th most starred project on GitHub and is visited by hundreds of thousands of developers every month.

Roadmaps Best Practices Guides Videos Store YouTube by Kamran Ahmed

Community created roadmaps, articles, resources and journeys to help you choose your path and grow in your career.

© · FAQs · Terms · Privacy


The leading DevOps resource for Kubernetes, cloud-native computing, and the latest in at-scale development, deployment, and management.