NIST launches cybersecurity community of interest for small businesses

It is intended to improve the two-way sharing of information and cybersecurity best practice between the Department of Commerce agency and small enterprises across the U.S.
Deputy Secretary of Commerce Don Graves, Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio, Maryland Secretary of Commerce Kevin Anderson and Montgomery County, Maryland Executive Marc Elrich renew a cyber cooperation agreement between federal, state and local entities. (Image credit: Rich Press / NIST)

The National Institute of Standards and Technology has launched a new cybersecurity community of interest for small businesses across the United States.

Senior leaders at the Department of Commerce agency on Monday announced the new program at an event at its National Cybersecurity Center of Excellence in Maryland.

The launch of the initiative comes after the Biden administration last week issued a new National Cyber Strategy, which sought to “fundamentally reimagine” America’s cyber social contract, notably by shifting the responsibility for maintaining the security of computer systems away from consumers and small businesses onto larger software makers.

The program is intended to foster greater collaboration between NIST and small enterprises that both provide and consume cybersecurity services. Senior officials say it is expected to help improve the two-way sharing of information and best practices that has formed a cornerstone of the Biden administration’s cybersecurity policy.


Deputy Secretary of Commerce Don Graves at the event underscored the importance of NIST’s relationship with the private sector and its work to provide business owners with clear, actionable cybersecurity guidance.

“NIST’s small business community of interest, which will not just include but go beyond activities that fall under NCCoE’s cybersecurity connections effort, aims to better reflect smaller companies’ needs – the interests and capabilities that they have – in all of NIST’s cybersecurity activities,” he said.

Graves added: “So smaller businesses that participate in this effort will inform NIST’s decisions about its broad portfolio of cybersecurity activities to ensure that they are as relevant and effective as ever. Again, practical solutions – solutions that actually work for companies, for communities all across the country. Whether you’re here in Montgomery County, you’re in Idaho, you’re in rural Alaska … doesn’t really matter. They will help to ensure that NIST guidance is both meaningful and practical for the smaller companies and other organizations to put into use.”

During the event, NCCoE Deputy Director Natalia Martin called on small businesses to use the new initiative to engage with the center and said it would acknowledge and be receptive to any input it receives.

“You have the opportunity to make your voice heard, and we will always respond to you … please take advantage of this opportunity,” Martin said. “Every single project we do, we ask [the question]: What does this mean for small business?”


NIST also during the event celebrated the renewal of a collaborative partnership between the agency’s Cybersecurity Center of Excellence, the state of Maryland and Montgomery County. It represents the extension of a three-way partnership that was first signed when the center was launched in 2012, with the intention of helping to accelerate cybersecurity research and development while ensuring local businesses and communities benefit from related innovation.

Latest Podcasts