NIST Computer Security Division, United States
The Computer Security Division (CSD) is one of eight divisions within the Information Technology Laboratory of the National Institute of Standards and Technology (NIST), itself a bureau of the Chamber of Commerce. CSD is concerned with raising awareness of information technology (IT) risks, vulnerabilities, and protection requirements, especially for new and emerging forms of technology.
In addition to its support and security role with regard to new technologies, CSD is involved in researching IT vulnerabilities, advising federal and state agencies of these, and developing means to provide cost-effective protection. Also, in line with its mission as a part of NIST, it helps develop standards, tests, validation programs, and metrics in computer systems and services with an eye toward security.
NIST involvement in "digital sleuthing," or the use of computers in detective work, often allows the division to team up with a consortium of law-enforcement agencies to develop computer forensics technology. NIST and CSD scientists worked with agents from the Federal Bureau of Investigation, United States Customs Service, and other agencies, along with software vendors, to create the National Software Reference Library (NSRL), which allows easier review of the contents of a computer, especially with regard to material potentially relevant to a criminal investigation. By examining file tag attachments NIST CSD programs can easily identify certain types of files (e.g., picture files that may be hidden in other programs).
Thanks to Presidential Decision Directive 63, signed by President William J. Clinton in 1998, NIST and CSD received $5 million (which was much less than the $50 million Clinton had requested from Congress) to encourage the development of secure information systems for support of the telecommunications, transportation, and government service infrastructures. In the country's heightened security environment after September 11, the work of CSD has become—like that of most agencies either within or at the periphery of the security and intelligence apparatus of the federal government—critical to national defense. Among the areas of focus for CSD are development of cryptographic standards and applications, security testing, and research in the interests of emerging technologies.
█ FURTHER READING:
Frank, Diane. "NIST Aims Grants at Systems Security." Federal Computer Week 15, no. 11 (April 23, 2001): 12.
Piazza, Peter. "Tools for Digital Sleuths." Security Management 46, no. 4 (April 2002): 36.
——. "E-mail and Patching Hints from NIST." Security Management 46, no. 7 (July 2002): 44.
Computer Security Division. National Institute of Standards and Technology. < http://csrc.nist.gov > (January 28, 2003).