Governments as Standards Bodies
Because governments procure so many goods and services, it is important that they set and maintain standards to ensure measurable minimum levels of functionality and quality in the things they procure. This is also true of cybersecurity capabilities. This is how the National Institute of Standards and Technology (NIST) describes cybersecurity standards.
“The goal of cyber security standards is to improve the security of information technology (IT) systems, networks, and critical infrastructures. A cyber security standard defines both functional and assurance requirements within a product, system, process, or technology environment. Well-developed cyber security standards enable consistency among product developers and serve as a reliable metric for purchasing security products.” (Scarfone, K., Benigni, D. and Grance, T., 2009)
NIST is part of the U.S. Department of Commerce. Its mission is to “promote U.S. innovation and industrial...
