U.S. flag

An official website of the United States government

Dot gov

Official websites use
A .gov website belongs to an official government organization in the United States.


Secure websites use HTTPS
A lock () or https:// means you’ve safely connected to the website. Share sensitive information only on official, secure websites.


  1. Home
  2. News
  3. Blog

Was this page helpful?

Cybersecurity Month: NIST Cybersecurity Framework and the Benefits of a Unified Approach in Securing our Cyberspace

Since 2004, October has been recognized as Cybersecurity Awareness Month. Every year, the National Cyber Security Alliance, and the Department of Homeland Security raise awareness about the importance of cybersecurity in our country.  This year we continue this tradition with the theme “Do Your Part.  #BeCyberSmart.” This year’s theme encourages individuals and organizations to understand their role in enhancing cybersecurity.

In collaboration with the Department of Homeland Security, the Department of Commerce is proud to highlight some of the work we are doing to increase cybersecurity awareness and encourage the adoption of the NIST Cybersecurity Framework.

To help address gaps in the approaches that organizations are taking to address cybersecurity risks, the National Institute for Standards and Technology (NIST) developed its National Initiative for Cybersecurity Education (NICE) Cybersecurity Framework. This framework helps organizations better understand their cybersecurity risks, such as threats, vulnerabilities, and impacts, by encouraging organizations to use a common language regarding cybersecurity risks.  This shared language enables staff from all levels to have a shared understanding of their organization’s cybersecurity risks.  Second, the Framework assists organizations in reducing risks by implementing customized measures to encourage organizations to respond to and recover from cybersecurity incidents by analyzing root causes and considering what improvements can be made in the future. 

However, having the proper tools is not enough. In order to build upon this framework, cybersecurity entities must also strengthen the diversity within their organizations and institutions as well. The United States’ greatest strength is its rich diversity, culturally, ideologically, and professionally. The benefits to the cybersecurity sector by encouraging more Americans from diverse and underrepresented backgrounds to explore careers in this critical sector. During a recent “Twitter takeover” of the Chief Information Officers Council twitter account, Department of Commerce Chief Information Security Officer Ryan Higgins reiterated this crucial sentiment:

“Throughout my career, I’ve learned that your #CyberCareer is more than technical skills. The @NISTcyber NICE Framework is a powerful resource for you to plan your career path, including how those with nontraditional backgrounds can apply these to cybersecurity

“Building a pipeline and ensuring we can recruit the best #CyberCareer talent means we need to bring in individuals with varied skills to ensure our cyber programs add value and that we all achieve our mission goals.”

Ultimately, these efforts will be in vain if we do not have a unified approach and bring together partners in both the private and public sectors to enhance our nation’s cyber security. In his speech at the Department of Homeland Security Space Cybersecurity Symposium, Deputy Secretary Graves highlighted the importance of working together to maintain cybersecurity standards in the public and private sector:

“Designing systems with both cybersecurity and resilience in mind at the outset will allow us to respond and contain the effects of disruptions more quickly. I know many of you are already working hard to protect space systems from cyberattacks, but there are still gaps we must address. And the best way to do that is by making sure the cybersecurity standards are consistent across the government and the private sector. We need to work together on this. Public-private partnership here is absolutely vital.”

Over the past year, many organizations have done this work and the Department of Commerce applauds their efforts and looks forward to continued collaboration between the public and private in order to expand American innovation and competitiveness through a secure cyberspace.

“The more we work together, the more resilient all of our systems will be.”

— Deputy Secretary Don Graves

If you are interested in exploring a career in cybersecurity, please visit Discovering Cybersecurity Careers to learn more.