NIST (National Institute of Standards and Technology) works with the IT industry to foster innovation and security.

Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Commerce Department's Technology Administration. NIST's mission is to develop and promote measurement, standards, and technology to enhance productivity, facilitate trade, and improve the quality of life. NIST carries out its mission in four cooperative programs:

• the NIST Laboratories, conducting research that advances the nation's technology infrastructure and is needed by U.S. industry to continually improve products and services;
  
  
• the Baldrige National Quality Program, which promotes performance excellence among U.S. manufacturers, service companies, educational institutions, and health care providers; conducts outreach programs and manages the annual Malcolm Baldrige National Quality Award which recognizes performance excellence and quality achievement;
  
  
• the Manufacturing Extension Partnership, a nationwide network of local centers offering technical and business assistance to smaller manufacturers; and
  
  
• the Advanced Technology Program, which accelerates the development of innovative technologies for broad national benefit by co-funding R&D partnerships with the private sector.

NIST has an operating budget of about $858 million and operates in two locations: Gaithersburg, Md., (headquarters—234-hectare/578-acre campus) and Boulder, Colo., (84-hectare/208-acre campus). NIST employs about 3,000 scientists, engineers, technicians, and support and administrative personnel. About 1,800 NIST associates complement the staff. In addition, NIST partners with 1,400 manufacturing specialists and staff at affiliated centers around the country.

The Information Technology Security and Networking (ITSN) Division  organizationally resides in the Office of the Chief Information Officer, NIST.  The ITSN is the focal point for addressing NIST-wide information technology (IT) security issues.  Functions of the ITSN include establishing, implementing, and testing information security policies, procedures, and technologies for NIST's administrative and scientific environments.  The ITSN also investigates computer security breaches by a NIST user or through a NIST system.  All non-public users of NIST information technology are required to read, acknowledge, and sign the NIST Policy on IT Resources Access and Use. The NIST Policy on IT Resources Access and Use is located at: http://cio.nist.gov/itsd/policy_accnuse.html and the signature page is located at: http://cio.nist.gov/itsd/memo_accessnuse_sign.html. The signature page must be signed, dated and mailed to NIST iTAC, 100 Bureau Drive, Mail Stop 1820, Gaithersburg, MD 20899.

The ITSN also investigates computer security breaches by a NIST user or through a NIST system. To report a security incident or to discuss an IT concern related to NIST, contact the IT Security Officer at nist-itso@nist.gov or 301-975-5375.

The role of the ITSN should not be confused with that of the Information Technology Laboratory's Computer Security Division.  Under the Computer Security Act of 1987, the Computer Security Division develops security standards and guidelines for sensitive (unclassified) Federal IT systems and works with industry to help improve the security of commercial IT products.  The Division has key focused activities in the areas of cryptographic standards and applications, security of emerging technologies, security management, and security testing.  The ITSO benefits from having access to subject matter experts, and the division benefits from having the environment to apply the research conducted and to contribute operational experience to its activities.  For more information on the ITL Computer Security Division, see http://csrc.nist.gov.