publicdata/nist-gov
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nist-gov/www.nist.gov/speech-testimony/securing-dotgov-examining-efforts-strengthen-federal-network-cybersecurity
Scott Williams 4063bef310 Initital commit.
2025-03-05 18:59:57 +00:00

948 lines
102 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en" dir="ltr" prefix="content: http://purl.org/rss/1.0/modules/content/ dc: http://purl.org/dc/terms/ foaf: http://xmlns.com/foaf/0.1/ og: http://ogp.me/ns# rdfs: http://www.w3.org/2000/01/rdf-schema# schema: http://schema.org/ sioc: http://rdfs.org/sioc/ns# sioct: http://rdfs.org/sioc/types# skos: http://www.w3.org/2004/02/skos/core# xsd: http://www.w3.org/2001/XMLSchema# ">
<head>
<meta charset="utf-8" /><script type="text/javascript">(window.NREUM||(NREUM={})).init={ajax:{deny_list:["bam.nr-data.net"]}};(window.NREUM||(NREUM={})).loader_config={licenseKey:"37b7ccb661",applicationID:"1089704227"};;/*! For license information please see nr-loader-rum-1.283.2.min.js.LICENSE.txt */
(()=>{var e,t,r={122:(e,t,r)=>{"use strict";r.d(t,{a:()=>i});var n=r(944);function i(e,t){try{if(!e||"object"!=typeof e)return(0,n.R)(3);if(!t||"object"!=typeof t)return(0,n.R)(4);const r=Object.create(Object.getPrototypeOf(t),Object.getOwnPropertyDescriptors(t)),o=0===Object.keys(r).length?e:r;for(let a in o)if(void 0!==e[a])try{if(null===e[a]){r[a]=null;continue}Array.isArray(e[a])&&Array.isArray(t[a])?r[a]=Array.from(new Set([...e[a],...t[a]])):"object"==typeof e[a]&&"object"==typeof t[a]?r[a]=i(e[a],t[a]):r[a]=e[a]}catch(e){(0,n.R)(1,e)}return r}catch(e){(0,n.R)(2,e)}}},555:(e,t,r)=>{"use strict";r.d(t,{Vp:()=>c,fn:()=>s,x1:()=>u});var n=r(384),i=r(122);const o={beacon:n.NT.beacon,errorBeacon:n.NT.errorBeacon,licenseKey:void 0,applicationID:void 0,sa:void 0,queueTime:void 0,applicationTime:void 0,ttGuid:void 0,user:void 0,account:void 0,product:void 0,extra:void 0,jsAttributes:{},userAttributes:void 0,atts:void 0,transactionName:void 0,tNamePlain:void 0},a={};function s(e){try{const t=c(e);return!!t.licenseKey&&!!t.errorBeacon&&!!t.applicationID}catch(e){return!1}}function c(e){if(!e)throw new Error("All info objects require an agent identifier!");if(!a[e])throw new Error("Info for ".concat(e," was never set"));return a[e]}function u(e,t){if(!e)throw new Error("All info objects require an agent identifier!");a[e]=(0,i.a)(t,o);const r=(0,n.nY)(e);r&&(r.info=a[e])}},217:(e,t,r)=>{"use strict";r.d(t,{D0:()=>m,gD:()=>v,xN:()=>h});r(860).K7.genericEvents;const n="experimental.marks",i="experimental.measures",o="experimental.resources",a=e=>{if(!e||"string"!=typeof e)return!1;try{document.createDocumentFragment().querySelector(e)}catch{return!1}return!0};var s=r(614),c=r(944),u=r(384),l=r(122);const d="[data-nr-mask]",f=()=>{const e={feature_flags:[],experimental:{marks:!1,measures:!1,resources:!1},mask_selector:"*",block_selector:"[data-nr-block]",mask_input_options:{color:!1,date:!1,"datetime-local":!1,email:!1,month:!1,number:!1,range:!1,search:!1,tel:!1,text:!1,time:!1,url:!1,week:!1,textarea:!1,select:!1,password:!0}};return{ajax:{deny_list:void 0,block_internal:!0,enabled:!0,autoStart:!0},distributed_tracing:{enabled:void 0,exclude_newrelic_header:void 0,cors_use_newrelic_header:void 0,cors_use_tracecontext_headers:void 0,allowed_origins:void 0},get feature_flags(){return e.feature_flags},set feature_flags(t){e.feature_flags=t},generic_events:{enabled:!0,autoStart:!0},harvest:{interval:30},jserrors:{enabled:!0,autoStart:!0},logging:{enabled:!0,autoStart:!0},metrics:{enabled:!0,autoStart:!0},obfuscate:void 0,page_action:{enabled:!0},page_view_event:{enabled:!0,autoStart:!0},page_view_timing:{enabled:!0,autoStart:!0},performance:{get capture_marks(){return e.feature_flags.includes(n)||e.experimental.marks},set capture_marks(t){e.experimental.marks=t},get capture_measures(){return e.feature_flags.includes(i)||e.experimental.measures},set capture_measures(t){e.experimental.measures=t},capture_detail:!0,resources:{get enabled(){return e.feature_flags.includes(o)||e.experimental.resources},set enabled(t){e.experimental.resources=t},asset_types:[],first_party_domains:[],ignore_newrelic:!0}},privacy:{cookies_enabled:!0},proxy:{assets:void 0,beacon:void 0},session:{expiresMs:s.wk,inactiveMs:s.BB},session_replay:{autoStart:!0,enabled:!1,preload:!1,sampling_rate:10,error_sampling_rate:100,collect_fonts:!1,inline_images:!1,fix_stylesheets:!0,mask_all_inputs:!0,get mask_text_selector(){return e.mask_selector},set mask_text_selector(t){a(t)?e.mask_selector="".concat(t,",").concat(d):""===t||null===t?e.mask_selector=d:(0,c.R)(5,t)},get block_class(){return"nr-block"},get ignore_class(){return"nr-ignore"},get mask_text_class(){return"nr-mask"},get block_selector(){return e.block_selector},set block_selector(t){a(t)?e.block_selector+=",".concat(t):""!==t&&(0,c.R)(6,t)},get mask_input_options(){return e.mask_input_options},set mask_input_options(t){t&&"object"==typeof t?e.mask_input_options={...t,password:!0}:(0,c.R)(7,t)}},session_trace:{enabled:!0,autoStart:!0},soft_navigations:{enabled:!0,autoStart:!0},spa:{enabled:!0,autoStart:!0},ssl:void 0,user_actions:{enabled:!0,elementAttributes:["id","className","tagName","type"]}}},g={},p="All configuration objects require an agent identifier!";function m(e){if(!e)throw new Error(p);if(!g[e])throw new Error("Configuration for ".concat(e," was never set"));return g[e]}function h(e,t){if(!e)throw new Error(p);g[e]=(0,l.a)(t,f());const r=(0,u.nY)(e);r&&(r.init=g[e])}function v(e,t){if(!e)throw new Error(p);var r=m(e);if(r){for(var n=t.split("."),i=0;i<n.length-1;i++)if("object"!=typeof(r=r[n[i]]))return;r=r[n[n.length-1]]}return r}},371:(e,t,r)=>{"use strict";r.d(t,{V:()=>f,f:()=>d});var n=r(122),i=r(384),o=r(154),a=r(324);let s=0;const c={buildEnv:a.F3,distMethod:a.Xs,version:a.xv,originTime:o.WN},u={customTransaction:void 0,disabled:!1,isolatedBacklog:!1,loaderType:void 0,maxBytes:3e4,onerror:void 0,ptid:void 0,releaseIds:{},appMetadata:{},session:void 0,denyList:void 0,timeKeeper:void 0,obfuscator:void 0,harvester:void 0},l={};function d(e){if(!e)throw new Error("All runtime objects require an agent identifier!");if(!l[e])throw new Error("Runtime for ".concat(e," was never set"));return l[e]}function f(e,t){if(!e)throw new Error("All runtime objects require an agent identifier!");l[e]={...(0,n.a)(t,u),...c},Object.hasOwnProperty.call(l[e],"harvestCount")||Object.defineProperty(l[e],"harvestCount",{get:()=>++s});const r=(0,i.nY)(e);r&&(r.runtime=l[e])}},324:(e,t,r)=>{"use strict";r.d(t,{F3:()=>i,Xs:()=>o,xv:()=>n});const n="1.283.2",i="PROD",o="CDN"},154:(e,t,r)=>{"use strict";r.d(t,{OF:()=>c,RI:()=>i,WN:()=>l,bv:()=>o,gm:()=>a,mw:()=>s,sb:()=>u});var n=r(863);const i="undefined"!=typeof window&&!!window.document,o="undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self.navigator instanceof WorkerNavigator||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis.navigator instanceof WorkerNavigator),a=i?window:"undefined"!=typeof WorkerGlobalScope&&("undefined"!=typeof self&&self instanceof WorkerGlobalScope&&self||"undefined"!=typeof globalThis&&globalThis instanceof WorkerGlobalScope&&globalThis),s=Boolean("hidden"===a?.document?.visibilityState),c=/iPad|iPhone|iPod/.test(a.navigator?.userAgent),u=c&&"undefined"==typeof SharedWorker,l=((()=>{const e=a.navigator?.userAgent?.match(/Firefox[/\s](\d+\.\d+)/);Array.isArray(e)&&e.length>=2&&e[1]})(),Date.now()-(0,n.t)())},687:(e,t,r)=>{"use strict";r.d(t,{Ak:()=>c,Ze:()=>d,x3:()=>u});var n=r(836),i=r(606),o=r(860),a=r(646);const s={};function c(e,t){const r={staged:!1,priority:o.P3[t]||0};l(e),s[e].get(t)||s[e].set(t,r)}function u(e,t){e&&s[e]&&(s[e].get(t)&&s[e].delete(t),g(e,t,!1),s[e].size&&f(e))}function l(e){if(!e)throw new Error("agentIdentifier required");s[e]||(s[e]=new Map)}function d(e="",t="feature",r=!1){if(l(e),!e||!s[e].get(t)||r)return g(e,t);s[e].get(t).staged=!0,f(e)}function f(e){const t=Array.from(s[e]);t.every((([e,t])=>t.staged))&&(t.sort(((e,t)=>e[1].priority-t[1].priority)),t.forEach((([t])=>{s[e].delete(t),g(e,t)})))}function g(e,t,r=!0){const o=e?n.ee.get(e):n.ee,s=i.i.handlers;if(!o.aborted&&o.backlog&&s){if(r){const e=o.backlog[t],r=s[t];if(r){for(let t=0;e&&t<e.length;++t)p(e[t],r);Object.entries(r).forEach((([e,t])=>{Object.values(t||{}).forEach((t=>{t[0]?.on&&t[0]?.context()instanceof a.y&&t[0].on(e,t[1])}))}))}}o.isolatedBacklog||delete s[t],o.backlog[t]=null,o.emit("drain-"+t,[])}}function p(e,t){var r=e[1];Object.values(t[r]||{}).forEach((t=>{var r=e[0];if(t[0]===r){var n=t[1],i=e[3],o=e[2];n.apply(i,o)}}))}},836:(e,t,r)=>{"use strict";r.d(t,{P:()=>c,ee:()=>u});var n=r(384),i=r(990),o=r(371),a=r(646),s=r(607);const c="nr@context:".concat(s.W),u=function e(t,r){var n={},s={},l={},d=!1;try{d=16===r.length&&(0,o.f)(r).isolatedBacklog}catch(e){}var f={on:p,addEventListener:p,removeEventListener:function(e,t){var r=n[e];if(!r)return;for(var i=0;i<r.length;i++)r[i]===t&&r.splice(i,1)},emit:function(e,r,n,i,o){!1!==o&&(o=!0);if(u.aborted&&!i)return;t&&o&&t.emit(e,r,n);for(var a=g(n),c=m(e),l=c.length,d=0;d<l;d++)c[d].apply(a,r);var p=v()[s[e]];p&&p.push([f,e,r,a]);return a},get:h,listeners:m,context:g,buffer:function(e,t){const r=v();if(t=t||"feature",f.aborted)return;Object.entries(e||{}).forEach((([e,n])=>{s[n]=t,t in r||(r[t]=[])}))},abort:function(){f._aborted=!0,Object.keys(f.backlog).forEach((e=>{delete f.backlog[e]}))},isBuffering:function(e){return!!v()[s[e]]},debugId:r,backlog:d?{}:t&&"object"==typeof t.backlog?t.backlog:{},isolatedBacklog:d};return Object.defineProperty(f,"aborted",{get:()=>{let e=f._aborted||!1;return e||(t&&(e=t.aborted),e)}}),f;function g(e){return e&&e instanceof a.y?e:e?(0,i.I)(e,c,(()=>new a.y(c))):new a.y(c)}function p(e,t){n[e]=m(e).concat(t)}function m(e){return n[e]||[]}function h(t){return l[t]=l[t]||e(f,t)}function v(){return f.backlog}}(void 0,"globalEE"),l=(0,n.Zm)();l.ee||(l.ee=u)},646:(e,t,r)=>{"use strict";r.d(t,{y:()=>n});class n{constructor(e){this.contextId=e}}},908:(e,t,r)=>{"use strict";r.d(t,{d:()=>n,p:()=>i});var n=r(836).ee.get("handle");function i(e,t,r,i,o){o?(o.buffer([e],i),o.emit(e,t,r)):(n.buffer([e],i),n.emit(e,t,r))}},606:(e,t,r)=>{"use strict";r.d(t,{i:()=>o});var n=r(908);o.on=a;var i=o.handlers={};function o(e,t,r,o){a(o||n.d,i,e,t,r)}function a(e,t,r,i,o){o||(o="feature"),e||(e=n.d);var a=t[o]=t[o]||{};(a[r]=a[r]||[]).push([e,i])}},878:(e,t,r)=>{"use strict";function n(e,t){return{capture:e,passive:!1,signal:t}}function i(e,t,r=!1,i){window.addEventListener(e,t,n(r,i))}function o(e,t,r=!1,i){document.addEventListener(e,t,n(r,i))}r.d(t,{DD:()=>o,jT:()=>n,sp:()=>i})},607:(e,t,r)=>{"use strict";r.d(t,{W:()=>n});const n=(0,r(566).bz)()},566:(e,t,r)=>{"use strict";r.d(t,{LA:()=>s,bz:()=>a});var n=r(154);const i="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";function o(e,t){return e?15&e[t]:16*Math.random()|0}function a(){const e=n.gm?.crypto||n.gm?.msCrypto;let t,r=0;return e&&e.getRandomValues&&(t=e.getRandomValues(new Uint8Array(30))),i.split("").map((e=>"x"===e?o(t,r++).toString(16):"y"===e?(3&o()|8).toString(16):e)).join("")}function s(e){const t=n.gm?.crypto||n.gm?.msCrypto;let r,i=0;t&&t.getRandomValues&&(r=t.getRandomValues(new Uint8Array(e)));const a=[];for(var s=0;s<e;s++)a.push(o(r,i++).toString(16));return a.join("")}},614:(e,t,r)=>{"use strict";r.d(t,{BB:()=>a,H3:()=>n,g:()=>u,iL:()=>c,tS:()=>s,uh:()=>i,wk:()=>o});const n="NRBA",i="SESSION",o=144e5,a=18e5,s={STARTED:"session-started",PAUSE:"session-pause",RESET:"session-reset",RESUME:"session-resume",UPDATE:"session-update"},c={SAME_TAB:"same-tab",CROSS_TAB:"cross-tab"},u={OFF:0,FULL:1,ERROR:2}},863:(e,t,r)=>{"use strict";function n(){return Math.floor(performance.now())}r.d(t,{t:()=>n})},944:(e,t,r)=>{"use strict";function n(e,t){"function"==typeof console.debug&&console.debug("New Relic Warning: https://github.com/newrelic/newrelic-browser-agent/blob/main/docs/warning-codes.md#".concat(e),t)}r.d(t,{R:()=>n})},284:(e,t,r)=>{"use strict";r.d(t,{t:()=>c,B:()=>s});var n=r(836),i=r(154);const o="newrelic";const a=new Set,s={};function c(e,t){const r=n.ee.get(t);s[t]??={},e&&"object"==typeof e&&(a.has(t)||(r.emit("rumresp",[e]),s[t]=e,a.add(t),function(e={}){try{i.gm.dispatchEvent(new CustomEvent(o,{detail:e}))}catch(e){}}({loaded:!0})))}},990:(e,t,r)=>{"use strict";r.d(t,{I:()=>i});var n=Object.prototype.hasOwnProperty;function i(e,t,r){if(n.call(e,t))return e[t];var i=r();if(Object.defineProperty&&Object.keys)try{return Object.defineProperty(e,t,{value:i,writable:!0,enumerable:!1}),i}catch(e){}return e[t]=i,i}},389:(e,t,r)=>{"use strict";function n(e,t=500,r={}){const n=r?.leading||!1;let i;return(...r)=>{n&&void 0===i&&(e.apply(this,r),i=setTimeout((()=>{i=clearTimeout(i)}),t)),n||(clearTimeout(i),i=setTimeout((()=>{e.apply(this,r)}),t))}}function i(e){let t=!1;return(...r)=>{t||(t=!0,e.apply(this,r))}}r.d(t,{J:()=>i,s:()=>n})},289:(e,t,r)=>{"use strict";r.d(t,{GG:()=>o,sB:()=>a});var n=r(878);function i(){return"undefined"==typeof document||"complete"===document.readyState}function o(e,t){if(i())return e();(0,n.sp)("load",e,t)}function a(e){if(i())return e();(0,n.DD)("DOMContentLoaded",e)}},384:(e,t,r)=>{"use strict";r.d(t,{NT:()=>o,US:()=>l,Zm:()=>a,bQ:()=>c,dV:()=>s,nY:()=>u,pV:()=>d});var n=r(154),i=r(863);const o={beacon:"bam.nr-data.net",errorBeacon:"bam.nr-data.net"};function a(){return n.gm.NREUM||(n.gm.NREUM={}),void 0===n.gm.newrelic&&(n.gm.newrelic=n.gm.NREUM),n.gm.NREUM}function s(){let e=a();return e.o||(e.o={ST:n.gm.setTimeout,SI:n.gm.setImmediate,CT:n.gm.clearTimeout,XHR:n.gm.XMLHttpRequest,REQ:n.gm.Request,EV:n.gm.Event,PR:n.gm.Promise,MO:n.gm.MutationObserver,FETCH:n.gm.fetch,WS:n.gm.WebSocket}),e}function c(e,t){let r=a();r.initializedAgents??={},t.initializedAt={ms:(0,i.t)(),date:new Date},r.initializedAgents[e]=t}function u(e){let t=a();return t.initializedAgents?.[e]}function l(e,t){a()[e]=t}function d(){return function(){let e=a();const t=e.info||{};e.info={beacon:o.beacon,errorBeacon:o.errorBeacon,...t}}(),function(){let e=a();const t=e.init||{};e.init={...t}}(),s(),function(){let e=a();const t=e.loader_config||{};e.loader_config={...t}}(),a()}},843:(e,t,r)=>{"use strict";r.d(t,{u:()=>i});var n=r(878);function i(e,t=!1,r,i){(0,n.DD)("visibilitychange",(function(){if(t)return void("hidden"===document.visibilityState&&e());e(document.visibilityState)}),r,i)}},434:(e,t,r)=>{"use strict";r.d(t,{Jt:()=>o,YM:()=>c});var n=r(836),i=r(607);const o="nr@original:".concat(i.W);var a=Object.prototype.hasOwnProperty,s=!1;function c(e,t){return e||(e=n.ee),r.inPlace=function(e,t,n,i,o){n||(n="");const a="-"===n.charAt(0);for(let s=0;s<t.length;s++){const c=t[s],u=e[c];l(u)||(e[c]=r(u,a?c+n:n,i,c,o))}},r.flag=o,r;function r(t,r,n,s,c){return l(t)?t:(r||(r=""),nrWrapper[o]=t,function(e,t,r){if(Object.defineProperty&&Object.keys)try{return Object.keys(e).forEach((function(r){Object.defineProperty(t,r,{get:function(){return e[r]},set:function(t){return e[r]=t,t}})})),t}catch(e){u([e],r)}for(var n in e)a.call(e,n)&&(t[n]=e[n])}(t,nrWrapper,e),nrWrapper);function nrWrapper(){var o,a,l,d;try{a=this,o=[...arguments],l="function"==typeof n?n(o,a):n||{}}catch(t){u([t,"",[o,a,s],l],e)}i(r+"start",[o,a,s],l,c);try{return d=t.apply(a,o)}catch(e){throw i(r+"err",[o,a,e],l,c),e}finally{i(r+"end",[o,a,d],l,c)}}}function i(r,n,i,o){if(!s||t){var a=s;s=!0;try{e.emit(r,n,i,t,o)}catch(t){u([t,r,n,i],e)}s=a}}}function u(e,t){t||(t=n.ee);try{t.emit("internal-error",e)}catch(e){}}function l(e){return!(e&&"function"==typeof e&&e.apply&&!e[o])}},993:(e,t,r)=>{"use strict";r.d(t,{A$:()=>o,ET:()=>a,p_:()=>i});var n=r(860);const i={ERROR:"ERROR",WARN:"WARN",INFO:"INFO",DEBUG:"DEBUG",TRACE:"TRACE"},o={OFF:0,ERROR:1,WARN:2,INFO:3,DEBUG:4,TRACE:5},a="log";n.K7.logging},773:(e,t,r)=>{"use strict";r.d(t,{z_:()=>o,XG:()=>s,TZ:()=>n,rs:()=>i,xV:()=>a});r(154),r(566),r(384);const n=r(860).K7.metrics,i="sm",o="cm",a="storeSupportabilityMetrics",s="storeEventMetrics"},630:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewEvent},782:(e,t,r)=>{"use strict";r.d(t,{T:()=>n});const n=r(860).K7.pageViewTiming},344:(e,t,r)=>{"use strict";r.d(t,{G4:()=>i});var n=r(614);r(860).K7.sessionReplay;const i={RECORD:"recordReplay",PAUSE:"pauseReplay",REPLAY_RUNNING:"replayRunning",ERROR_DURING_REPLAY:"errorDuringReplay"};n.g.ERROR,n.g.FULL,n.g.OFF},234:(e,t,r)=>{"use strict";r.d(t,{W:()=>o});var n=r(836),i=r(687);class o{constructor(e,t){this.agentIdentifier=e,this.ee=n.ee.get(e),this.featureName=t,this.blocked=!1}deregisterDrain(){(0,i.x3)(this.agentIdentifier,this.featureName)}}},603:(e,t,r)=>{"use strict";r.d(t,{j:()=>K});var n=r(860),i=r(555),o=r(371),a=r(908),s=r(836),c=r(687),u=r(289),l=r(154),d=r(944),f=r(773),g=r(384),p=r(344);const m=["setErrorHandler","finished","addToTrace","addRelease","recordCustomEvent","addPageAction","setCurrentRouteName","setPageViewName","setCustomAttribute","interaction","noticeError","setUserId","setApplicationVersion","start",p.G4.RECORD,p.G4.PAUSE,"log","wrapLogger"],h=["setErrorHandler","finished","addToTrace","addRelease"];var v=r(863),b=r(614),y=r(993);var w=r(646),R=r(434);const A=new Map;function E(e,t,r,n){if("object"!=typeof t||!t||"string"!=typeof r||!r||"function"!=typeof t[r])return(0,d.R)(29);const i=function(e){return(e||s.ee).get("logger")}(e),o=(0,R.YM)(i),a=new w.y(s.P);a.level=n.level,a.customAttributes=n.customAttributes;const c=t[r]?.[R.Jt]||t[r];return A.set(c,a),o.inPlace(t,[r],"wrap-logger-",(()=>A.get(c))),i}function _(){const e=(0,g.pV)();m.forEach((t=>{e[t]=(...r)=>function(t,...r){let n=[];return Object.values(e.initializedAgents).forEach((e=>{e&&e.api?e.exposed&&e.api[t]&&n.push(e.api[t](...r)):(0,d.R)(38,t)})),n.length>1?n:n[0]}(t,...r)}))}const x={};function N(e,t,g=!1){t||(0,c.Ak)(e,"api");const m={};var w=s.ee.get(e),R=w.get("tracer");x[e]=b.g.OFF,w.on(p.G4.REPLAY_RUNNING,(t=>{x[e]=t}));var A="api-",_=A+"ixn-";function N(t,r,n,o){const a=(0,i.Vp)(e);return null===r?delete a.jsAttributes[t]:(0,i.x1)(e,{...a,jsAttributes:{...a.jsAttributes,[t]:r}}),j(A,n,!0,o||null===r?"session":void 0)(t,r)}function k(){}m.log=function(e,{customAttributes:t={},level:r=y.p_.INFO}={}){(0,a.p)(f.xV,["API/log/called"],void 0,n.K7.metrics,w),function(e,t,r={},i=y.p_.INFO){(0,a.p)(f.xV,["API/logging/".concat(i.toLowerCase(),"/called")],void 0,n.K7.metrics,e),(0,a.p)(y.ET,[(0,v.t)(),t,r,i],void 0,n.K7.logging,e)}(w,e,t,r)},m.wrapLogger=(e,t,{customAttributes:r={},level:i=y.p_.INFO}={})=>{(0,a.p)(f.xV,["API/wrapLogger/called"],void 0,n.K7.metrics,w),E(w,e,t,{customAttributes:r,level:i})},h.forEach((e=>{m[e]=j(A,e,!0,"api")})),m.addPageAction=j(A,"addPageAction",!0,n.K7.genericEvents),m.recordCustomEvent=j(A,"recordCustomEvent",!0,n.K7.genericEvents),m.setPageViewName=function(t,r){if("string"==typeof t)return"/"!==t.charAt(0)&&(t="/"+t),(0,o.f)(e).customTransaction=(r||"http://custom.transaction")+t,j(A,"setPageViewName",!0)()},m.setCustomAttribute=function(e,t,r=!1){if("string"==typeof e){if(["string","number","boolean"].includes(typeof t)||null===t)return N(e,t,"setCustomAttribute",r);(0,d.R)(40,typeof t)}else(0,d.R)(39,typeof e)},m.setUserId=function(e){if("string"==typeof e||null===e)return N("enduser.id",e,"setUserId",!0);(0,d.R)(41,typeof e)},m.setApplicationVersion=function(e){if("string"==typeof e||null===e)return N("application.version",e,"setApplicationVersion",!1);(0,d.R)(42,typeof e)},m.start=()=>{try{(0,a.p)(f.xV,["API/start/called"],void 0,n.K7.metrics,w),w.emit("manual-start-all")}catch(e){(0,d.R)(23,e)}},m[p.G4.RECORD]=function(){(0,a.p)(f.xV,["API/recordReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.RECORD,[],void 0,n.K7.sessionReplay,w)},m[p.G4.PAUSE]=function(){(0,a.p)(f.xV,["API/pauseReplay/called"],void 0,n.K7.metrics,w),(0,a.p)(p.G4.PAUSE,[],void 0,n.K7.sessionReplay,w)},m.interaction=function(e){return(new k).get("object"==typeof e?e:{})};const T=k.prototype={createTracer:function(e,t){var r={},i=this,o="function"==typeof t;return(0,a.p)(f.xV,["API/createTracer/called"],void 0,n.K7.metrics,w),g||(0,a.p)(_+"tracer",[(0,v.t)(),e,r],i,n.K7.spa,w),function(){if(R.emit((o?"":"no-")+"fn-start",[(0,v.t)(),i,o],r),o)try{return t.apply(this,arguments)}catch(e){const t="string"==typeof e?new Error(e):e;throw R.emit("fn-err",[arguments,this,t],r),t}finally{R.emit("fn-end",[(0,v.t)()],r)}}}};function j(e,t,r,i){return function(){return(0,a.p)(f.xV,["API/"+t+"/called"],void 0,n.K7.metrics,w),i&&(0,a.p)(e+t,[r?(0,v.t)():performance.now(),...arguments],r?null:this,i,w),r?void 0:this}}function I(){r.e(296).then(r.bind(r,778)).then((({setAPI:t})=>{t(e),(0,c.Ze)(e,"api")})).catch((e=>{(0,d.R)(27,e),w.abort()}))}return["actionText","setName","setAttribute","save","ignore","onEnd","getContext","end","get"].forEach((e=>{T[e]=j(_,e,void 0,g?n.K7.softNav:n.K7.spa)})),m.setCurrentRouteName=g?j(_,"routeName",void 0,n.K7.softNav):j(A,"routeName",!0,n.K7.spa),m.noticeError=function(t,r){"string"==typeof t&&(t=new Error(t)),(0,a.p)(f.xV,["API/noticeError/called"],void 0,n.K7.metrics,w),(0,a.p)("err",[t,(0,v.t)(),!1,r,!!x[e]],void 0,n.K7.jserrors,w)},l.RI?(0,u.GG)((()=>I()),!0):I(),m}var k=r(217),T=r(122);const j={accountID:void 0,trustKey:void 0,agentID:void 0,licenseKey:void 0,applicationID:void 0,xpid:void 0},I={};var O=r(284);const S=e=>{const t=e.startsWith("http");e+="/",r.p=t?e:"https://"+e};let P=!1;function K(e,t={},r,n){let{init:a,info:c,loader_config:u,runtime:d={},exposed:f=!0}=t;d.loaderType=r;const p=(0,g.pV)();c||(a=p.init,c=p.info,u=p.loader_config),(0,k.xN)(e.agentIdentifier,a||{}),function(e,t){if(!e)throw new Error("All loader-config objects require an agent identifier!");I[e]=(0,T.a)(t,j);const r=(0,g.nY)(e);r&&(r.loader_config=I[e])}(e.agentIdentifier,u||{}),c.jsAttributes??={},l.bv&&(c.jsAttributes.isWorker=!0),(0,i.x1)(e.agentIdentifier,c);const m=(0,k.D0)(e.agentIdentifier),h=[c.beacon,c.errorBeacon];P||(m.proxy.assets&&(S(m.proxy.assets),h.push(m.proxy.assets)),m.proxy.beacon&&h.push(m.proxy.beacon),_(),(0,g.US)("activatedFeatures",O.B),e.runSoftNavOverSpa&&=!0===m.soft_navigations.enabled&&m.feature_flags.includes("soft_nav")),d.denyList=[...m.ajax.deny_list||[],...m.ajax.block_internal?h:[]],d.ptid=e.agentIdentifier,(0,o.V)(e.agentIdentifier,d),e.ee=s.ee.get(e.agentIdentifier),void 0===e.api&&(e.api=N(e.agentIdentifier,n,e.runSoftNavOverSpa)),void 0===e.exposed&&(e.exposed=f),P=!0}},374:(e,t,r)=>{r.nc=(()=>{try{return document?.currentScript?.nonce}catch(e){}return""})()},860:(e,t,r)=>{"use strict";r.d(t,{$J:()=>u,K7:()=>s,P3:()=>c,XX:()=>i,qY:()=>n,v4:()=>a});const n="events",i="jserrors",o="browser/blobs",a="rum",s={ajax:"ajax",genericEvents:"generic_events",jserrors:i,logging:"logging",metrics:"metrics",pageAction:"page_action",pageViewEvent:"page_view_event",pageViewTiming:"page_view_timing",sessionReplay:"session_replay",sessionTrace:"session_trace",softNav:"soft_navigations",spa:"spa"},c={[s.pageViewEvent]:1,[s.pageViewTiming]:2,[s.metrics]:3,[s.jserrors]:4,[s.spa]:5,[s.ajax]:6,[s.sessionTrace]:7,[s.softNav]:8,[s.sessionReplay]:9,[s.logging]:10,[s.genericEvents]:11},u={[s.pageViewEvent]:a,[s.pageViewTiming]:n,[s.ajax]:n,[s.spa]:n,[s.softNav]:n,[s.metrics]:i,[s.jserrors]:i,[s.sessionTrace]:o,[s.sessionReplay]:o,[s.logging]:"browser/logs",[s.genericEvents]:"ins"}}},n={};function i(e){var t=n[e];if(void 0!==t)return t.exports;var o=n[e]={exports:{}};return r[e](o,o.exports,i),o.exports}i.m=r,i.d=(e,t)=>{for(var r in t)i.o(t,r)&&!i.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},i.f={},i.e=e=>Promise.all(Object.keys(i.f).reduce(((t,r)=>(i.f[r](e,t),t)),[])),i.u=e=>"nr-rum-1.283.2.min.js",i.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="NRBA-1.283.2.PROD:",i.l=(r,n,o,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==o)for(var u=document.getElementsByTagName("script"),l=0;l<u.length;l++){var d=u[l];if(d.getAttribute("src")==r||d.getAttribute("data-webpack")==t+o){s=d;break}}if(!s){c=!0;var f={296:"sha512-2Y8GMAOGF658KnXzOZ/v+DlLch8TBFvV0tTNnOy9wrpvtDa1t5CdZMyX+LubTymBlzPp6NUjllBghMCZqXBPmg=="};(s=document.createElement("script")).charset="utf-8",s.timeout=120,i.nc&&s.setAttribute("nonce",i.nc),s.setAttribute("data-webpack",t+o),s.src=r,0!==s.src.indexOf(window.location.origin+"/")&&(s.crossOrigin="anonymous"),f[a]&&(s.integrity=f[a])}e[r]=[n];var g=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var i=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),i&&i.forEach((e=>e(n))),t)return t(n)},p=setTimeout(g.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=g.bind(null,s.onerror),s.onload=g.bind(null,s.onload),c&&document.head.appendChild(s)}},i.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},i.p="https://js-agent.newrelic.com/",(()=>{var e={374:0,840:0};i.f.j=(t,r)=>{var n=i.o(e,t)?e[t]:void 0;if(0!==n)if(n)r.push(n[2]);else{var o=new Promise(((r,i)=>n=e[t]=[r,i]));r.push(n[2]=o);var a=i.p+i.u(t),s=new Error;i.l(a,(r=>{if(i.o(e,t)&&(0!==(n=e[t])&&(e[t]=void 0),n)){var o=r&&("load"===r.type?"missing":r.type),a=r&&r.target&&r.target.src;s.message="Loading chunk "+t+" failed.\n("+o+": "+a+")",s.name="ChunkLoadError",s.type=o,s.request=a,n[1](s)}}),"chunk-"+t,t)}};var t=(t,r)=>{var n,o,[a,s,c]=r,u=0;if(a.some((t=>0!==e[t]))){for(n in s)i.o(s,n)&&(i.m[n]=s[n]);if(c)c(i)}for(t&&t(r);u<a.length;u++)o=a[u],i.o(e,o)&&e[o]&&e[o][0](),e[o]=0},r=self["webpackChunk:NRBA-1.283.2.PROD"]=self["webpackChunk:NRBA-1.283.2.PROD"]||[];r.forEach(t.bind(null,0)),r.push=t.bind(null,r.push.bind(r))})(),(()=>{"use strict";i(374);var e=i(944),t=i(344),r=i(566);class n{agentIdentifier;constructor(){this.agentIdentifier=(0,r.LA)(16)}#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}addPageAction(e,t){return this.#e("addPageAction",e,t)}recordCustomEvent(e,t){return this.#e("recordCustomEvent",e,t)}setPageViewName(e,t){return this.#e("setPageViewName",e,t)}setCustomAttribute(e,t,r){return this.#e("setCustomAttribute",e,t,r)}noticeError(e,t){return this.#e("noticeError",e,t)}setUserId(e){return this.#e("setUserId",e)}setApplicationVersion(e){return this.#e("setApplicationVersion",e)}setErrorHandler(e){return this.#e("setErrorHandler",e)}addRelease(e,t){return this.#e("addRelease",e,t)}log(e,t){return this.#e("log",e,t)}}class o extends n{#e(t,...r){if("function"==typeof this.api?.[t])return this.api[t](...r);(0,e.R)(35,t)}start(){return this.#e("start")}finished(e){return this.#e("finished",e)}recordReplay(){return this.#e(t.G4.RECORD)}pauseReplay(){return this.#e(t.G4.PAUSE)}addToTrace(e){return this.#e("addToTrace",e)}setCurrentRouteName(e){return this.#e("setCurrentRouteName",e)}interaction(){return this.#e("interaction")}wrapLogger(e,t,r){return this.#e("wrapLogger",e,t,r)}}var a=i(860),s=i(217);const c=Object.values(a.K7);function u(e){const t={};return c.forEach((r=>{t[r]=function(e,t){return!0===(0,s.gD)(t,"".concat(e,".enabled"))}(r,e)})),t}var l=i(603);var d=i(687),f=i(234),g=i(289),p=i(154),m=i(384);const h=e=>p.RI&&!0===(0,s.gD)(e,"privacy.cookies_enabled");function v(e){return!!(0,m.dV)().o.MO&&h(e)&&!0===(0,s.gD)(e,"session_trace.enabled")}var b=i(389);class y extends f.W{constructor(e,t,r=!0){super(e.agentIdentifier,t),this.auto=r,this.abortHandler=void 0,this.featAggregate=void 0,this.onAggregateImported=void 0,!1===e.init[this.featureName].autoStart&&(this.auto=!1),this.auto?(0,d.Ak)(e.agentIdentifier,t):this.ee.on("manual-start-all",(0,b.J)((()=>{(0,d.Ak)(e.agentIdentifier,this.featureName),this.auto=!0,this.importAggregator(e)})))}importAggregator(t,r={}){if(this.featAggregate||!this.auto)return;let n;this.onAggregateImported=new Promise((e=>{n=e}));const o=async()=>{let o;try{if(h(this.agentIdentifier)){const{setupAgentSession:e}=await i.e(296).then(i.bind(i,861));o=e(t)}}catch(t){(0,e.R)(20,t),this.ee.emit("internal-error",[t]),this.featureName===a.K7.sessionReplay&&this.abortHandler?.()}try{if(!this.#t(this.featureName,o))return(0,d.Ze)(this.agentIdentifier,this.featureName),void n(!1);const{lazyFeatureLoader:e}=await i.e(296).then(i.bind(i,103)),{Aggregate:a}=await e(this.featureName,"aggregate");this.featAggregate=new a(t,r),t.runtime.harvester.initializedAggregates.push(this.featAggregate),n(!0)}catch(t){(0,e.R)(34,t),this.abortHandler?.(),(0,d.Ze)(this.agentIdentifier,this.featureName,!0),n(!1),this.ee&&this.ee.abort()}};p.RI?(0,g.GG)((()=>o()),!0):o()}#t(e,t){switch(e){case a.K7.sessionReplay:return v(this.agentIdentifier)&&!!t;case a.K7.sessionTrace:return!!t;default:return!0}}}var w=i(630);class R extends y{static featureName=w.T;constructor(e,t=!0){super(e,w.T,t),this.importAggregator(e)}}var A=i(908),E=i(843),_=i(878),x=i(782),N=i(863);class k extends y{static featureName=x.T;constructor(e,t=!0){super(e,x.T,t),p.RI&&((0,E.u)((()=>(0,A.p)("docHidden",[(0,N.t)()],void 0,x.T,this.ee)),!0),(0,_.sp)("pagehide",(()=>(0,A.p)("winPagehide",[(0,N.t)()],void 0,x.T,this.ee))),this.importAggregator(e))}}var T=i(773);class j extends y{static featureName=T.TZ;constructor(e,t=!0){super(e,T.TZ,t),this.importAggregator(e)}}new class extends o{constructor(t){super(),p.gm?(this.features={},(0,m.bQ)(this.agentIdentifier,this),this.desiredFeatures=new Set(t.features||[]),this.desiredFeatures.add(R),this.runSoftNavOverSpa=[...this.desiredFeatures].some((e=>e.featureName===a.K7.softNav)),(0,l.j)(this,t,t.loaderType||"agent"),this.run()):(0,e.R)(21)}get config(){return{info:this.info,init:this.init,loader_config:this.loader_config,runtime:this.runtime}}run(){try{const t=u(this.agentIdentifier),r=[...this.desiredFeatures];r.sort(((e,t)=>a.P3[e.featureName]-a.P3[t.featureName])),r.forEach((r=>{if(!t[r.featureName]&&r.featureName!==a.K7.pageViewEvent)return;if(this.runSoftNavOverSpa&&r.featureName===a.K7.spa)return;if(!this.runSoftNavOverSpa&&r.featureName===a.K7.softNav)return;const n=function(e){switch(e){case a.K7.ajax:return[a.K7.jserrors];case a.K7.sessionTrace:return[a.K7.ajax,a.K7.pageViewEvent];case a.K7.sessionReplay:return[a.K7.sessionTrace];case a.K7.pageViewTiming:return[a.K7.pageViewEvent];default:return[]}}(r.featureName).filter((e=>!(e in this.features)));n.length>0&&(0,e.R)(36,{targetFeature:r.featureName,missingDependencies:n}),this.features[r.featureName]=new r(this)}))}catch(t){(0,e.R)(22,t);for(const e in this.features)this.features[e].abortHandler?.();const r=(0,m.Zm)();delete r.initializedAgents[this.agentIdentifier]?.api,delete r.initializedAgents[this.agentIdentifier]?.features,delete this.sharedAggregator;return r.ee.get(this.agentIdentifier).abort(),!1}}}({features:[R,k,j],loaderType:"lite"})})()})();</script>
<noscript><style>form.antibot * :not(.antibot-message) { display: none !important; }</style>
</noscript><script async src="https://www.googletagmanager.com/gtag/js?id=G-HEQ0YF2VYL"></script>
<script>window.dataLayer = window.dataLayer || [];function gtag(){dataLayer.push(arguments)};gtag("js", new Date());gtag("set", "developer_id.dMDhkMT", true);gtag('set', {'cookie_flags': 'SameSite=None;Secure', 'cookie_domain': 'www.nist.gov'});gtag("config", "G-HEQ0YF2VYL", {"groups":"default","page_placeholder":"PLACEHOLDER_page_location","link_attribution":true,"allow_ad_personalization_signals":false});gtag("config", "G-CSLL4ZEK4L", {"groups":"default","page_placeholder":"PLACEHOLDER_page_location","link_attribution":true,"allow_ad_personalization_signals":false});gtag("event", "custom", {"node_title":"Securing the DotGov: Examining Efforts to Strengthen Federal Network Cybersecurity","node_id":"1703471","organization":"\u003Ca href=\u0022\/nist-organizations\/nist-headquarters\u0022 hreflang=\u0022en\u0022\u003ENIST Headquarters\u003C\/a\u003E, \u003Ca href=\u0022\/nist-organizations\/nist-headquarters\/laboratory-program","content_type":"Speeches\/Testimony"});</script>
<meta name="description" content="Chairwoman Clarke, Ranking Member Garbarino, and distinguished members of the Subcommittee, I am Dr" />
<link rel="canonical" href="https://www.nist.gov/speech-testimony/securing-dotgov-examining-efforts-strengthen-federal-network-cybersecurity" />
<link rel="shortlink" href="https://www.nist.gov/node/1703471" />
<meta name="citation_title" content="Securing the DotGov: Examining Efforts to Strengthen Federal Network Cybersecurity | NIST" />
<meta property="og:site_name" content="NIST" />
<meta property="og:type" content="Article" />
<meta property="og:url" content="https://www.nist.gov/speech-testimony/securing-dotgov-examining-efforts-strengthen-federal-network-cybersecurity" />
<meta property="og:title" content="Securing the DotGov: Examining Efforts to Strengthen Federal Network Cybersecurity" />
<meta property="og:description" content="Chairwoman Clarke, Ranking Member Garbarino, and distinguished members of the Subcommittee, I am Dr" />
<meta property="og:image" content="https://www.nist.gov/themes/custom/nist_www/img/homepage/nist_mark.png" />
<meta property="article:published_time" content="2022-05-17T08:00-04:00" />
<meta property="article:modified_time" content="2022-05-18T14:16-04:00" />
<meta name="dcterms.title" content="Securing the DotGov: Examining Efforts to Strengthen Federal Network Cybersecurity" />
<meta name="dcterms.description" content="Chairwoman Clarke, Ranking Member Garbarino, and distinguished members of the Subcommittee, I am Dr" />
<meta name="dcterms.date" content="2022-05-17T08:00-04:00" />
<meta name="dcterms.type" content="text" />
<meta name="dcterms.format" content="text/html" />
<meta name="dcterms.identifier" content="https://www.nist.gov/speech-testimony/securing-dotgov-examining-efforts-strengthen-federal-network-cybersecurity" />
<meta name="dcterms.source" content="NIST" />
<meta name="dcterms.created" content="2022-05-17T08:00-04:00" />
<meta name="dcterms.modified" content="2022-05-18T14:16-04:00" />
<meta name="twitter:card" content="summary_large_image" />
<meta name="twitter:description" content="Chairwoman Clarke, Ranking Member Garbarino, and distinguished members of the Subcommittee, I am Dr" />
<meta name="twitter:site" content="NIST" />
<meta name="twitter:title" content="Securing the DotGov: Examining Efforts to Strengthen Federal Network Cybersecurity" />
<meta name="google-site-verification" content="QMu0ODkER3rN5hLcMLqNVf7e3bkjYsNLTuhqfH48jCA" />
<meta name="Generator" content="Drupal 10 (https://www.drupal.org)" />
<meta name="MobileOptimized" content="width" />
<meta name="HandheldFriendly" content="true" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="nist_search_modified" class="elastic" content="2022-05-18T14:16:00-04:00" />
<meta name="nist_search_bundle" class="elastic" content="speeches_testimony" />
<link rel="icon" href="/themes/custom/nist_www/favicon.ico" type="image/vnd.microsoft.icon" />
<title>Securing the DotGov: Examining Efforts to Strengthen Federal Network Cybersecurity | NIST</title>
<link rel="stylesheet" media="all" href="/sites/default/files/css/css_CoYW9o5iASDZ0KVzyq3-Gk0ZT4uXg3o43bmDru7Se_8.css?delta=0&amp;language=en&amp;theme=nist_www&amp;include=eJxFi1EKwzAMQy9UliMZOzGdqROX2CPb7Zd2KwV9SOI9wrxB2Mye6O4g2drSxAPiyZXnZ0rYoVpJRRxJGVTatvjHg-t0nU8-rWqE-nPHGNfmdxx8Kv21oz7-88aq5G4uwV-XkjnN" />
<link rel="stylesheet" media="all" href="/sites/default/files/css/css_kGS0ApDpFo-_3JI4Ijxg4RCWlTqsImK3lqH7bCv5v2U.css?delta=1&amp;language=en&amp;theme=nist_www&amp;include=eJxFi1EKwzAMQy9UliMZOzGdqROX2CPb7Zd2KwV9SOI9wrxB2Mye6O4g2drSxAPiyZXnZ0rYoVpJRRxJGVTatvjHg-t0nU8-rWqE-nPHGNfmdxx8Kv21oz7-88aq5G4uwV-XkjnN" />
<link rel="stylesheet" media="print" href="/sites/default/files/css/css_-IXwLuTUdm8IGHxib8GX8wWKw3LjKsNWSYYskZ5fEGg.css?delta=2&amp;language=en&amp;theme=nist_www&amp;include=eJxFi1EKwzAMQy9UliMZOzGdqROX2CPb7Zd2KwV9SOI9wrxB2Mye6O4g2drSxAPiyZXnZ0rYoVpJRRxJGVTatvjHg-t0nU8-rWqE-nPHGNfmdxx8Kv21oz7-88aq5G4uwV-XkjnN" />
<link rel="stylesheet" media="all" href="/sites/default/files/css/css_jmXeSZNqhh6ayjrVIlS8rDw3mcnQaE5dzE2ZwwPSzNA.css?delta=3&amp;language=en&amp;theme=nist_www&amp;include=eJxFi1EKwzAMQy9UliMZOzGdqROX2CPb7Zd2KwV9SOI9wrxB2Mye6O4g2drSxAPiyZXnZ0rYoVpJRRxJGVTatvjHg-t0nU8-rWqE-nPHGNfmdxx8Kv21oz7-88aq5G4uwV-XkjnN" />
<script src="/sites/default/files/js/js_GM8kl6wk698qKTTwusj83bCoGHHtOZ1UinjY1sE_Qbk.js?scope=header&amp;delta=0&amp;language=en&amp;theme=nist_www&amp;include=eJxdjW0OwjAIhi805UiErtjhWFlatHp7O53RLOEHPLwfgcYZ3fqsEH47XuuQzJIyUiZ9uowVjmDIUh0v0lm0ltUoopceIjlBos-7irMsa7E7wxFsLW_mEy_ce00DFVwsQpRKoQer5PmtgaQWSE-7BSamyOV7YmvtT8EP34wQy20lPe_nC6DrXYU"></script>
</head>
<body class="node-1703471">
<a href="#main-content" class="visually-hidden focusable" data-elastic-exclude>
Skip to main content
</a>
<div class="dialog-off-canvas-main-canvas" data-off-canvas-main-canvas>
<!-- nist-index-ignore-start -->
<section data-elastic-exclude class="usa-banner" aria-label="Official government website">
<div class="usa-accordion">
<header class="usa-banner__header">
<div class="usa-banner__inner">
<div class="grid-col-auto">
<img class="usa-banner__header-flag" src="/libraries/nist-component-library/dist/img/us_flag_small.png" alt="U.S. flag">
</div>
<div class="grid-col-fill tablet:grid-col-auto">
<p class="usa-banner__header-text">An official website of the United States government</p>
<p class="usa-banner__header-action" aria-hidden="true">Heres how you know</p>
</div>
<button class="usa-accordion__button usa-banner__button" aria-expanded="false" aria-controls="gov-banner-default">
<span class="usa-banner__button-text">Heres how you know</span>
</button>
</div>
</header>
<div class="usa-banner__content usa-accordion__content" id="gov-banner-default">
<div class="grid-row grid-gap-lg">
<div class="usa-banner__guidance tablet:grid-col-6">
<img class="usa-banner__icon usa-media-block__img" src="/libraries/nist-component-library/dist/img/icon-dot-gov.svg" role="img" alt="" aria-hidden="true">
<div class="usa-media-block__body">
<p>
<strong>Official websites use .gov</strong>
<br/>
A <strong>.gov</strong> website belongs to an official government organization in the United States.
</p>
</div>
</div>
<div class="usa-banner__guidance tablet:grid-col-6">
<img class="usa-banner__icon usa-media-block__img" src="/libraries/nist-component-library/dist/img/icon-https.svg" role="img" alt="" aria-hidden="true">
<div class="usa-media-block__body">
<p>
<strong>Secure .gov websites use HTTPS</strong>
<br/>
A <strong>lock</strong> ( <span class="icon-lock">
<svg xmlns="http://www.w3.org/2000/svg" width="52" height="64" viewbox="0 0 52 64" class="usa-banner__lock-image" role="img" aria-labelledby="banner-lock-title banner-lock-description" focusable="false">
<title id="banner-lock-title">Lock</title>
<desc id="banner-lock-description">A locked padlock</desc><path fill="#000000" fill-rule="evenodd" d="M26 0c10.493 0 19 8.507 19 19v9h3a4 4 0 0 1 4 4v28a4 4 0 0 1-4 4H4a4 4 0 0 1-4-4V32a4 4 0 0 1 4-4h3v-9C7 8.507 15.507 0 26 0zm0 8c-5.979 0-10.843 4.77-10.996 10.712L15 19v9h22v-9c0-6.075-4.925-11-11-11z"/></svg>
</span>
) or <strong>https://</strong> means youve safely connected to the .gov website. Share sensitive information only on official, secure websites.
</p>
</div>
</div>
</div>
</div>
</div>
</section>
<!-- nist-index-ignore-end -->
<div data-elastic-exclude>
<!-- nist-index-ignore-start -->
<div class="nist-print-header" style="display:none;">
<p class="nist-print-header__url">https://www.nist.gov/speech-testimony/securing-dotgov-examining-efforts-strengthen-federal-network-cybersecurity</p>
<img class="nist-print-header__logo" width="289" height="38" src="/libraries/nist-component-library/dist/img/logo/nist_logo_sidestack.svg" alt="National Institute of Standards and Technology" />
</div>
<div class="usa-overlay"></div>
<header class="usa-header nist-header--www nist-header--minimal" role="banner">
<div class="usa-navbar">
<div class="usa-logo flex-fill">
<a href="/" title="National Institute of Standards and Technology" aria-label="Home">
<img src="/libraries/nist-component-library/dist/img/logo/logo.svg" alt="National Institute of Standards and Technology" width="300px" height="80px" />
</a>
</div>
<div class="usa-header__right grid-row flex-auto">
<div class="grid-col-fill nist-header__search-group">
<form class="usa-search usa-search--small"
accept-charset="UTF-8"
action="/search"
id="search_form"
method="get">
<div role="search">
<label class="usa-sr-only" for="search-form">Search NIST</label>
<input class="usa-input" id="search-form" type="search" name="s" placeholder="Search NIST" required="" maxlength="128">
<button class="usa-button" type="submit"><img src="/libraries/nist-component-library/dist/img/usa-icons-bg/search--white.svg" class="usa-search__submit-icon" alt="Search"></button>
</div>
</form>
</div>
<div class="grid-col-auto padding-left-1">
<button class="usa-menu-btn">Menu</button>
</div>
</div>
</div>
<nav aria-label="Primary navigation" class="usa-nav">
<div class="usa-nav__inner">
<button class="usa-nav__close">Close</button>
<ul class="usa-nav__primary usa-accordion">
<li class="usa-nav__primary-item">
<a class="usa-nav__link" href="/publications">Publications</a>
</li>
<li class="usa-nav__primary-item">
<button class="usa-accordion__button usa-nav__link" aria-expanded="false" aria-controls="primary_menu-2"><span>What We Do</span></button>
<div id="primary_menu-2" class="usa-nav__submenu usa-megamenu">
<div class="grid-row">
<div class="tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/topics" class="usa-nav__link">All Topics</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/advanced-communications" class="usa-nav__link">Advanced communications</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/artificial-intelligence" class="usa-nav__link">Artificial intelligence</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/bioscience" class="usa-nav__link">Bioscience</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/buildings-construction" class="usa-nav__link">Buildings and construction</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/chemistry" class="usa-nav__link">Chemistry</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/cybersecurity" class="usa-nav__link">Cybersecurity</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/electronics" class="usa-nav__link">Electronics</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/energy" class="usa-nav__link">Energy</a>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/environment" class="usa-nav__link">Environment</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/fire" class="usa-nav__link">Fire</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/forensic-science" class="usa-nav__link">Forensic science</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/health" class="usa-nav__link">Health</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/information-technology" class="usa-nav__link">Information technology</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/infrastructure" class="usa-nav__link">Infrastructure</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/manufacturing" class="usa-nav__link">Manufacturing</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/materials" class="usa-nav__link">Materials</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/mathematics-statistics" class="usa-nav__link">Mathematics and statistics</a>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/metrology" class="usa-nav__link">Metrology</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/nanotechnology" class="usa-nav__link">Nanotechnology</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/neutron-research" class="usa-nav__link">Neutron research</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/performance-excellence" class="usa-nav__link">Performance excellence</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/physics" class="usa-nav__link">Physics</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/public-safety" class="usa-nav__link">Public safety</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/quantum-information-science" class="usa-nav__link">Quantum information science</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/resilience" class="usa-nav__link">Resilience</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/standards" class="usa-nav__link">Standards</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/transportation" class="usa-nav__link">Transportation</a>
</li>
</ul>
</div>
</div>
</div>
</li>
<li class="usa-nav__primary-item">
<button class="usa-accordion__button usa-nav__link" aria-expanded="false" aria-controls="primary_menu-3"><span>Labs &amp; Major Programs</span></button>
<div id="primary_menu-3" class="usa-nav__submenu usa-megamenu">
<div class="grid-row">
<div class="tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/adlp" class="usa-nav__link">Assoc Director of Laboratory Programs</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/laboratories" class="usa-nav__link">Laboratories</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="/ctl" class="usa-nav__link">Communications Technology Laboratory</a>
</li>
<li>
<a href="/el" class="usa-nav__link">Engineering Laboratory</a>
</li>
<li>
<a href="/itl" class="usa-nav__link">Information Technology Laboratory</a>
</li>
<li>
<a href="/mml" class="usa-nav__link">Material Measurement Laboratory</a>
</li>
<li>
<a href="/pml" class="usa-nav__link">Physical Measurement Laboratory</a>
</li>
</ul>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/user-facilities" class="usa-nav__link">User Facilities</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="/ncnr" class="usa-nav__link">NIST Center for Neutron Research</a>
</li>
<li>
<a href="/cnst" class="usa-nav__link">CNST NanoFab</a>
</li>
</ul>
</li>
<li class="usa-nav__submenu-item">
<a href="/labs-major-programs/research-test-beds" class="usa-nav__link">Research Test Beds</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/laboratories/projects-programs" class="usa-nav__link">Research Projects</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/laboratories/tools-instruments" class="usa-nav__link">Tools &amp; Instruments</a>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/major-programs" class="usa-nav__link">Major Programs</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="/baldrige" class="usa-nav__link">Baldrige Performance Excellence Program</a>
</li>
<li>
<a href="/chips" class="usa-nav__link">CHIPS for America Initiative</a>
</li>
<li>
<a href="/mep" class="usa-nav__link">Manufacturing Extension Partnership (MEP)</a>
</li>
<li>
<a href="/oam" class="usa-nav__link">Office of Advanced Manufacturing</a>
</li>
<li>
<a href="/spo" class="usa-nav__link">Special Programs Office</a>
</li>
<li>
<a href="/tpo" class="usa-nav__link">Technology Partnerships Office</a>
</li>
</ul>
</li>
</ul>
</div>
</div>
</div>
</li>
<li class="usa-nav__primary-item">
<button class="usa-accordion__button usa-nav__link" aria-expanded="false" aria-controls="primary_menu-4"><span>Services &amp; Resources</span></button>
<div id="primary_menu-4" class="usa-nav__submenu usa-megamenu">
<div class="grid-row">
<div class="tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/content/standards-measurements" class="usa-nav__link">Standards and Measurements</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="/calibrations" class="usa-nav__link">Calibration Services</a>
</li>
<li>
<a href="/nvlap" class="usa-nav__link">Laboratory Accreditation (NVLAP)</a>
</li>
<li>
<a href="/nist-quality-system" class="usa-nav__link">Quality System</a>
</li>
<li>
<a href="/srm" class="usa-nav__link">Standard Reference Materials (SRMs)</a>
</li>
<li>
<a href="/sri" class="usa-nav__link">Standard Reference Instruments (SRIs)</a>
</li>
<li>
<a href="/standardsgov" class="usa-nav__link">Standards.gov</a>
</li>
<li>
<a href="/pml/time-and-frequency-division/time-services" class="usa-nav__link">Time Services</a>
</li>
<li>
<a href="/pml/owm" class="usa-nav__link">Office of Weights and Measures</a>
</li>
</ul>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/services-resources/software" class="usa-nav__link">Software</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/data" class="usa-nav__link">Data</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="https://webbook.nist.gov/chemistry/" class="usa-nav__link">Chemistry WebBook</a>
</li>
<li>
<a href="https://nvd.nist.gov/" class="usa-nav__link">National Vulnerability Database</a>
</li>
<li>
<a href="/pml/productsservices/physical-reference-data" class="usa-nav__link">Physical Reference Data</a>
</li>
<li>
<a href="/srd" class="usa-nav__link">Standard Reference Data (SRD)</a>
</li>
</ul>
</li>
<li class="usa-nav__submenu-item">
<a href="https://shop.nist.gov/" class="usa-nav__link">Storefront</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/tpo" class="usa-nav__link">License &amp; Patents</a>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="https://csrc.nist.gov/" class="usa-nav__link">Computer Security Resource Center (CSRC)</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/nist-research-library" class="usa-nav__link">NIST Research Library</a>
</li>
</ul>
</div>
</div>
</div>
</li>
<li class="usa-nav__primary-item">
<button class="usa-accordion__button usa-nav__link" aria-expanded="false" aria-controls="primary_menu-5"><span>News &amp; Events</span></button>
<div id="primary_menu-5" class="usa-nav__submenu usa-megamenu">
<div class="grid-row">
<div class="tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/news-events/news" class="usa-nav__link">News</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/news-events/events" class="usa-nav__link">Events</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/blogs" class="usa-nav__link">Blogs</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/feature-stories" class="usa-nav__link">Feature Stories</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/awards" class="usa-nav__link">Awards</a>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/video-gallery" class="usa-nav__link">Video Gallery</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/image-gallery" class="usa-nav__link">Image Gallery</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/pao/media-contacts" class="usa-nav__link">Media Contacts</a>
</li>
</ul>
</div>
</div>
</div>
</li>
<li class="usa-nav__primary-item">
<button class="usa-accordion__button usa-nav__link" aria-expanded="false" aria-controls="primary_menu-6"><span>About NIST</span></button>
<div id="primary_menu-6" class="usa-nav__submenu usa-megamenu">
<div class="grid-row">
<div class="tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/about-nist" class="usa-nav__link">About Us</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="/director/leadership" class="usa-nav__link">Leadership</a>
</li>
<li>
<a href="/director/nist-organization-structure" class="usa-nav__link">Organization Structure</a>
</li>
<li>
<a href="/about-nist/budget-planning" class="usa-nav__link">Budget &amp; Planning</a>
</li>
</ul>
</li>
<li class="usa-nav__submenu-item">
<a href="/about-nist/contact-us" class="usa-nav__link">Contact Us</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/about-nist/visit" class="usa-nav__link">Visit</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/careers" class="usa-nav__link">Careers</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="/iaao/academic-affairs-office" class="usa-nav__link">Student programs</a>
</li>
</ul>
</li>
</ul></div><div class="column-break tablet:grid-col-fill"><ul class="usa-nav__submenu-list">
<li class="usa-nav__submenu-item">
<a href="/about-nist/work-nist" class="usa-nav__link">Work with NIST</a>
</li>
<li class="usa-nav__submenu-item">
<a href="/history" class="usa-nav__link">History</a>
<ul class="usa-nav__submenu-list">
<li>
<a href="http://nistdigitalarchives.contentdm.oclc.org/" class="usa-nav__link">NIST Digital Archives</a>
</li>
<li>
<a href="/nist-museum" class="usa-nav__link">NIST Museum</a>
</li>
<li>
<a href="/nist-and-nobel" class="usa-nav__link">NIST and the Nobel</a>
</li>
</ul>
</li>
<li class="usa-nav__submenu-item">
<a href="/education" class="usa-nav__link">Educational Resources</a>
</li>
</ul>
</div>
</div>
</div>
</li>
</ul>
</div>
</nav>
</header>
<!-- nist-index-ignore-end -->
</div>
<div class="grid-container">
</div>
<div
id="block-nist-www-content" class="nist-block"
>
<section
class="nist-page__content usa-section clearfix"
>
<a id="main-content" tabindex="-1"></a>
<div class="grid-container margin-top-4">
<div
class="nist-page__region nist-page__region--content-top"
>
<div
class="nist-block"
>
<a class="usa-button usa-button--accent-cool" href="/director/congressional-and-legislative-affairs/testimony">TESTIMONY</a>
</div>
<div
class="nist-block"
>
<h1 class="nist-page__title">Securing the DotGov: Examining Efforts to Strengthen Federal Network Cybersecurity</h1>
</div>
<div
class="nist-block"
>
<div class="datetime"><time datetime="2022-05-17T12:00:00Z">May 17, 2022</time>
</div>
</div>
</div>
</div>
<div class="grid-container margin-top-4">
<div class="grid-row grid-gap-6">
<aside class="nist-page__region nist-page__region--sidebar-second-top-mobile grid-col-12">
<div class="gray-box">
<div
class="nist-block"
>
<h2 class="nist-block__title">Witness</h2>
<p>Dr. Charles H. Romine<br>
Director, Information Technology Laboratory<br>
National Institute of Standards and Technology<br>
United States Department of Commerce</p>
</div>
<div
class="nist-block"
>
<h2
class="nist-block__title"
>Venue</h2>
<div class="text-long"><p>United States House of Representatives<br>
Committee on Homeland Security<br>
Subcommittee on Cybersecurity, Infrastructure Protection, &amp; Innovation</p></div>
</div>
</div>
</aside>
<div
class="nist-page__region nist-page__region--content tablet-lg:grid-col-8"
>
<div
class="nist-block"
>
<div class="text-with-summary">
<p>Chairwoman Clarke, Ranking Member Garbarino, and distinguished members of the Subcommittee, I am Dr. Charles Romine, the Director of the Information Technology Laboratory (ITL) at the Department of Commerces National Institute of Standards and Technology known as NIST. Thank you for the opportunity to testify today on behalf of NIST on our efforts to improve the cybersecurity of the federal government.<br>
<br>
NIST is home to five Nobel Prize winners, with programs focused on national priorities such as artificial intelligence, advanced manufacturing, the digital economy, precision metrology, quantum information science, biosciences and, of course, cybersecurity. The mission of NIST is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.<br>
<br>
In the NIST Information Technology Laboratory, we work to cultivate trust in information technology and metrology. Trust in the digital economy is built upon key principles like cybersecurity, privacy, interoperability, equity, and avoiding bias in the development and deployment of technology. NIST conducts fundamental and applied research, advances standards to understand and measure technology, and develops tools to evaluate such measurements. Technology standards—and the foundational research that enables their development and use—are critical to advancing trust in and promoting interoperability between digital products and services. Critically, they can provide increased assurance, thus enabling more secure, private, and rights-preserving technologies.<br>
<br>
<strong>NISTs Role in Cybersecurity</strong><br>
<br>
This year, NIST is celebrating the 50th anniversary of its work in cybersecurity. NISTs role in addressing cybersecurity and privacy challenges includes conducting research and developing broad and foundational standards, guidelines, and tools for public and non-public organizations. These efforts are focused on securing the technology used today, while also conducting ground-breaking research focused toward securing the technology of the future. Fifty years ago, NIST efforts began with the publication of the Data Encryption Standard, which enabled efficiencies with security, like the electronic banking that we all enjoy today. The NIST Advanced Encryption Standard has been estimated to provide more than $250 billion in economic value over a period of 20 years. Today, our efforts include everything from technical cryptography algorithms, establishing strong cybersecurity and privacy controls, and operational resources on managing cybersecurity and privacy risks, to cybersecurity education and training programs. In celebration of our 50th anniversary, we are hosting several events and resources to highlight some of the extraordinary advancements in cybersecurity at NIST over the years and encourage you to check it out on our website.<br>
<br>
As a non-regulatory agency, NIST prides itself on the strong partnerships we have developed with the government and private sector. NIST seeks and relies on diverse stakeholder feedback amongst government, industry, academia, and non-profit entities to develop and improve our cybersecurity resources. The collaborative, transparent, and open processes NIST uses to develop resources results in more effective and usable resources that are widely trusted, and therefore, more widely used by various organizations. Therefore, NIST resources are used not only by federal agencies, but also private sector organizations of all sizes, educational institutions, and state, local, and tribal governments.<br>
<br>
Cybersecurity is critically important to accomplishing federal missions and protecting federal systems and information, as well as ensuring access to important programs and services relied on by Americans. I am pleased to testify today with Chris DeRusha from the Office of Management and Budget and the Office of the National Cyber Director and Eric Goldstein from the Cybersecurity and Infrastructure Security Agency, two critical partners with NIST in enhancing the cybersecurity of federal agencies. Under the Federal Information Security Modernization Act (FISMA), NIST develops security standards and guidelines for non-national security federal agency systems, which may be mandatory for federal agencies. NIST standards and guidance provide a baseline and how-to direction for federal agencies in developing and managing their cybersecurity and privacy programs for federal systems. NISTs work also informs OMB and CISA in their roles to help federal agencies operationalize these strong cybersecurity measures. Federal agencies rely on NIST to provide unbiased, technically-sound information that is both actionable and flexible to meet their unique missions and business needs while managing cybersecurity and privacy risks. NISTs explicit role in developing security guidelines for federal agencies was first established in the Brooks Automatic Data Processing Act in 1965 (Public Law 89-306). Its role was strengthened through the Computer Security Act of 1987 (Public Law 100-235), the Federal Information Security Management Act of 2002 (FISMA) (Public Law 107-347)<sup>1</sup>, and reaffirmed in the Federal Information Security Modernization Act of 2014 (FISMA 2014) (Public Law 113-283).<br>
<br>
<strong>Executive Order 14028 on Improving the Nations Cybersecurity</strong><br>
<br>
On May 12, 2021, President Biden signed Executive Order, “Improving the Nations Cybersecurity” (EO 14028), which was critically aimed at improving the cybersecurity of the networks of the federal government and the nation. Cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals. These incidents share commonalities, including insufficient software and supply chain cybersecurity defenses that leave public and private sector entities vulnerable to incidents. It highlights the importance of both securing existing software already in use by federal agencies, as well as adopting strong secure software development and supply chain risk management principles to address the security of software procured by federal agencies.<br>
<br>
The Executive Order included several directives for the Secretary of Commerce, through NIST, aimed at enhancing software supply chain security. I am pleased to report that NIST has met all the deliverables under the EO, despite tight timelines. NIST carried out the EO directives in close cooperation with other government agencies and private and public sector organizations and individuals through our open, transparent, and inclusive processes. This included hosting seven workshops over the past year to solicit input from stakeholders. The initial workshop, hosted June 2 and 3, 2021, three weeks after the EO was issued, garnered more than 1400 participants and 150 position papers. In addition, NIST participated in two White House Summits, on Cybersecurity Supply Chain and on Open Source Software Security, that informed our efforts.<br>
<br>
<strong>Enhancing Software Security and Cybersecurity Supply Chain Risk Management</strong><br>
<br>
In response to the EO, over the last year, NIST published ground-breaking work to identify and secure critical software, establish secure software development lifecycle best practices, establish minimum standards for vendor or developer verification of software, establish supply chain security guidance, and develop the technical criteria to inform initiation of pilot labeling programs to help consumers understand the cybersecurity of software products and Internet of Things devices. The NIST guidance developed under the EO provides effective measures to reduce risks to software supply chains while allowing for future innovation and economic growth within the secure software ecosystem. In the process, NIST has also assisted the Office of Management and Budget, Cybersecurity and Infrastructure Security Agency, the General Services Administration, and other agencies to meet their responsibilities under the EO. A full list of NISTs efforts and deliverables under EO 14028 can be found in the appendix, but I will expand on a few critical efforts in detail here.<br>
<br>
<em><strong>Defining and Securing Critical Software</strong></em><br>
One of the goals of the EO is to assist in developing a security baseline for critical software products used across the Federal Government. The designation of software as EO-critical will then drive additional activities, including how the Federal Government purchases and manages deployed critical software. Under the EO, NIST defined EO-critical software as any software that has, or has direct software dependencies, upon one or more components with at least one of these attributes: is designed to run with elevated privilege or manage privileges; has direct or privileged access to networking or computing resources; is designed to control access to data or operational technology; performs a function critical to trust; or, operates outside of normal trust boundaries with privileged access. The EO directs NIST to issue guidance on security measures for critical software, and further directs the Office of Management and Budget (OMB) to require federal agencies to comply with that guidance. The guidance issued by NIST in July 2021 outlines core cybersecurity measures for the protection of critical software in use by federal agencies. The guidance developed by NIST is intended to supplement, not supplant, other NIST security measures for securing software, including guidance on supply chain security and zero trust practices.<br>
<br>
<em><strong>Ensuring Secure Software Development</strong></em><br>
The EO requires the Government to only purchase software that is developed securely and directs NIST to “issue guidance identifying practices that enhance the security of the software supply chain.” Secure development practices will help ensure security is a consideration throughout the lifecycle of a software product. Updated in February 2022 in response to EO 14028, the Secure Software Development Framework (SSDF) provides a set of fundamental and sound practices for secure software development. The SSDF was developed in partnership with organizations across the software industry. It is intended to help software producers reduce the number of vulnerabilities in released software, reduce the potential impact of the exploitation of undetected or unaddressed vulnerabilities, and address the root causes of vulnerabilities to prevent recurrences. Also, because the SSDF provides a common language for describing secure software development practices, software producers and acquirers can use it to foster their communications for procurement processes and other management activities.<br>
<br>
In addition, to meet the goals of the EO, NIST also released related Software Supply Chain Security Guidance to help federal agencies as they acquire software or a product containing software on how to ensure conformity with the secure software development practices outlined in the SSDF. The guidelines recommend agencies should use the SSDF terminology to organize communications about secure software development requirements, require attestation to cover secure software development practices throughout the software life cycle, accept first-party attestation of conformity with SSDF practices unless a risk-based approach determines that a second or third-party attestation is required, and when requesting artifacts of conformance, request high-level artifacts. It also recommends agencies implement the practices outlined in NISTs supply chain cybersecurity guidance, to increase visibility into, and mitigation of, supply chain cybersecurity risks.<br>
<br>
As directed by OMB in March, pursuant to the EO, federal agencies are now required to implement the SSDF and associated security guidance from NIST. NIST is committed to working within the executive branch to assist OMB and agencies in implementing this guidance. In the future, NIST will provide additional practical guidance to organizations on implementing the SSDF, as well as how to leverage the guidance to address open source software security vulnerabilities.<br>
<br>
<em><strong>Cybersecurity supply chain risk management</strong></em><br>
NIST has collaborated with public and private sector stakeholders to research and develop Cybersecurity Supply Chain Risk Management (C-SCRM) tools and metrics, producing case studies and widely used guidelines on mitigation strategies. These multiple sources reflect the complex global marketplace and assist federal agencies, companies, and others to manage cybersecurity risks in supply chains. The SECURE Technology Act authorized a specific role to NIST in developing cybersecurity supply chain risk management guidelines. In response to EO 14028, NIST recently issued an update to its foundational guideline, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (SP 800-161 Revision 1) to guide organizations in identifying, assessing, and responding to cybersecurity supply chain risks at all levels. NISTs guidance provides additional information on how to leverage emerging concepts like the software bill of materials (SBOM).<br>
<br>
Building from this foundational cybersecurity supply chain risk management guideline and deliverables issued in response to EO 14028, NIST recently announced the National Initiative for Improving Cybersecurity in Supply Chains (NIICS), a new public-private partnership to improve cybersecurity in supply chains. This initiative will emphasize tools, technologies, and guidance focused on the developers and providers of technology as well as help organizations to build, evaluate, and assess the cybersecurity of products and services in their supply chain. NIST issued a Request for Information in February 2022 to inform further development of NIICS and other NIST cybersecurity frameworks, standards, and guidelines.<br>
<br>
<em><strong>Advancing Zero Trust Architecture</strong></em><br>
EO 14028 directs federal agencies to develop plans to implement a Zero Trust Architecture in support of federal cybersecurity modernization efforts. Agency migration plans needed to be consistent, where appropriate, with NIST standards and guidance on zero trust. NIST's technical guidance defines zero trust, identifies foundational zero trust tenets, and shares deployment models and use cases where zero trust could improve an enterprises overall information technology security posture. NIST has also launched a collaborative project with industry to demonstrate practical, example approaches to implementing a zero trust architecture to aid agencies and other organizations in their implementations.<br>
<br>
<strong>Other Challenges Faced by Federal Agencies</strong><br>
<br>
<em><strong>Managing Cybersecurity and Privacy Risk</strong></em><br>
More than ever, federal agencies and other organizations must balance a rapidly evolving cybersecurity and privacy threat landscape against the need to fulfill business requirements on an enterprise level. Risk management underlies everything that NIST does in cybersecurity and privacy and is part of its full suite of standards and guidelines. NIST equips organizations with an aligned and integrated portfolio of tools to understand, measure, manage, and communicate risk specific to various risk domains, including cybersecurity, privacy, and supply chain in the context of the enterprise.<br>
<br>
Among many risk management resources, the NIST Risk Management Framework (RMF) provides a comprehensive, flexible, repeatable, and measurable 7-step process to manage information security and privacy risk. The RMF links to a suite of NIST standards and guidelines to support implementation of risk management programs for federal agencies to meet the requirements of FISMA. For example, the RMF provides a process in which to select and implement security and privacy controls (SP 800-53) and to assess if they are operating as intended and achieving the desired outcomes (SP 800-53A).<br>
<br>
Executive Order 13800 also provides direction to federal agencies with respect to cybersecurity, and specifies that federal agencies shall use NISTs Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework). NIST continues to maintain the Cybersecurity Framework to help organizations including federal agencies better identify, assess, and manage cybersecurity risks in the context of their missions and business objectives. The Cybersecurity Framework is used widely by private and public sector organizations in and outside of the United States and has been translated into multiple languages, speaking to its global success as a commonly used resource. The Cybersecurity Framework was last updated in April 2018. Much has changed in the cybersecurity landscape in terms of threats, capabilities, technologies, education and workforce, and the availability of resources to help organizations to better manage cybersecurity risk. NIST has begun the update process, beginning with a request for information to gather stakeholder input about evaluating and improving the Cybersecurity Framework.<br>
<br>
NIST believes privacy should be an equal consideration to other risks such as cybersecurity and safety that organizations manage in their risk portfolios. Privacy plays a critical role in safeguarding fundamental values such as human autonomy and dignity, as well as civil rights and civil liberties. NIST has prioritized measurement science research and the creation of frameworks, guidance, tools, and standards that protect privacy. Much of NISTs critical cybersecurity guidelines now includes privacy considerations. In addition, NIST maintains the NIST Privacy Framework, modeled on the NIST Cybersecurity Framework, to help organizations identify and manage privacy risks. NIST is also collaborating with the White House Office of Science and Technology Policy and the National Science Foundation to advance privacy-preserving data sharing and analytics through bilateral prize challenges with the United Kingdom this year.<br>
<br>
<em><strong>Vulnerability Management</strong></em><br>
Protecting information technology is critical and NIST plays a key role in this area by maintaining the repository of all known and publicly reported information technology vulnerabilities, called the National Vulnerability Database (NVD). The NVD is an authoritative source for standardized information on security vulnerabilities that NIST updates regularly.<br>
<br>
The vulnerabilities catalogued in the NVD are weaknesses in coding found in software and hardware that, if exploited, can impact the confidentiality, integrity, or availability of information or information systems. The NVD tracks vulnerabilities over time and allows users to assess changes in vulnerability discovery rates within specific products or specific types of vulnerabilities. The NVD is the second most frequently accessed website at NIST, after the NIST time service, and is used across the country by the IT and cybersecurity industry, by cybersecurity tools and scanners, by other nations and by computer emergency response teams around the world.<br>
<br>
<strong>Emerging Technologies</strong><br>
<br>
<em><strong>Cryptography</strong></em><br>
NIST has fostered the development of cryptographic techniques and technology for 50 years through an open process which brings together industry, government, and academia to develop workable approaches to cryptographic protection that enable practical security. Our work in cryptography has continually evolved to meet the needs of the changing IT landscape. As our electronic networks grow increasingly open and interconnected, it is crucial to have strong, trusted cryptographic standards and guidelines, algorithms and encryption methods that provide a foundation for e-commerce transactions, mobile device conversations, and other exchanges of data. NIST has several cryptography efforts, but one worth highlighting today, will be the difficult and long transition to ensure our systems and data remain encrypted when quantum computing becomes a reality. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use. This would seriously compromise the confidentiality and integrity of digital communications on the Internet and elsewhere. The goal of post-quantum cryptography (also called quantum-resistant cryptography) is to develop cryptographic systems that are secure against both quantum and classical computers, and can interoperate with existing communications protocols and networks.<br>
<br>
Motivated by these considerations, NIST is in the process of selecting public-key (quantum- resistant) cryptographic algorithms through a public, competition-like process. The intent is for new public-key cryptography standards to specify one or more additional unclassified, publicly disclosed digital signature, public-key encryption, and key-establishment algorithms that are available worldwide and capable of protecting sensitive government information well into the foreseeable future, including after the advent of quantum computers.&nbsp;<br>
<br>
In parallel, NIST has launched a project in collaboration with industry and government partners at its National Cybersecurity Center of Excellence (NCCoE) to develop practices to help agencies and other organizations prepare now for future cryptographic algorithm transitions. Established in 2012, the NCCoE is a collaborative hub where industry organizations, government agencies, and academic institutions work together to address businesses most pressing cybersecurity issues. This public-private partnership enables the creation of practical cybersecurity solutions for specific industries, as well as for broad, cross-sector technology challenges. This project will help agencies and other organizations prepare now for migration to post-quantum cryptographic algorithms and plan for the replacement of hardware, software, and services that use public-key algorithms now so that information is protected from future attacks.<br>
<br>
<em><strong>Cybersecurity for the Internet of Things (IoT)</strong></em><br>
The rapid proliferation of internet-connected devices and rise of the IoT come with great anticipation. Connected devices bring the promise of enhanced business efficiencies and increased customer satisfaction. IoT devices could include wearable fitness trackers, “smart” televisions, wireless infusion pumps, and cars—among many others. Internet-connected devices generally sense, collect, process, and transmit a wide array of data, ranging from consumer personally identifiable information to proprietary company data to infrastructure data used to make critical real-time decisions or to effect a change in the physical world. Just as there are a variety of new uses, the IoT ecosystems nature brings new security considerations.<br>
<br>
NISTs Cybersecurity for IoT program conducts research and produces guidelines to help device manufacturers and users understand and manage risk of IoT devices in their operating environments. NIST provides guidance for manufacturers and their supporting third parties as they conceive, design, develop, test, sell, and support IoT devices across their spectrum of customers.<br>
<br>
The IoT Cybersecurity Improvement Act of 2020 requires NIST to provide guidance for federal agencies on “the appropriate use and management by agencies of [IoT] devices” connected to information systems. NIST has issued IoT-specific guidance for federal organizations in understanding and defining their IoT cybersecurity requirements, including the role of IoT devices as elements of federal systems and provides guidance for addressing the unique risks such devices can present. This guidance includes a collection of technical and non-technical cybersecurity controls defining a broad range of IoT device capabilities and supporting non-technical actions that an agency can apply in documenting their IoT cybersecurity requirements.<br>
<br>
<em><strong>Artificial Intelligence</strong></em><br>
Cross-cutting technologies like artificial intelligence (AI) that increasingly affect so many dimensions of our lives raise a number of new and unique cybersecurity challenges. With the advent of AI and machine learning, todays machines are engineered for complex decision-making that historically only people could handle.<br>
<br>
Trust is key to realizing the full promise of artificial intelligence (AI) as a tool to enable innovation, enhance economic security, and improve our quality of life. To help build that trust, NIST is developing the AI Risk Management Framework to provide guidance on better managing risks to individuals, organizations, and society associated with AI. The framework adopts a “rights-preserving approach” to AI, putting the protection of individual rights at the forefront of AI development and use. NIST released the first draft of this framework for public comments in March. The AI RMF outlines a process to address traditional technical measures of accuracy, robustness, resilience, and reliability. It also acknowledges that sociotechnical characteristics of the system characteristics such as privacy, interpretability, safety and bias, which are inextricably tied to human and social behavior are equally important when evaluating the overall risk of a system.<br>
<br>
As a first step on a long road to responsible AI development, NIST has recently produced guidance to help identify and manage AI bias. This work underlines that a complete understanding of bias must take into account both human and systemic biases.<br>
<br>
NIST has a long history of devising appropriate metrics, measurement tools, and challenge problems to support technology development. These evaluations strengthen research communities, establish research methodology, and facilitate technology transfer. NIST is looking to bring these benefits of community evaluations to bear on the problem of constructing trustworthy AI systems. These evaluations will begin with community input to identify potential harms of selected AI technologies in context, and the data requirements for AI trust evaluations.<br>
<br>
<strong>Conclusion</strong><br>
Advancing cybersecurity research and standards that ensure a secure, private, and interoperable digital economy is a significant priority for NIST. Our economy is increasingly global, complex, and interconnected. It is characterized by rapid advances in technology. The timely availability of international cybersecurity standards and guidance is a dynamic and critical component to ensure the cybersecurity and resilience of such advances in technology. With robust collaboration with stakeholders across government, industry, international bodies, and academia, NIST aims to cultivate trust and foster an environment that enables innovation on a global scale.&nbsp; Cybersecurity challenges, and the supply chain software security challenges discussed today, are a complex issue. Cybersecurity must be considered alongside all other types of risks addressed by organizations and by leadership at the most senior level. NIST is committed to ensuring that organizations have the guidance and tools to do so.<br>
<br>
My staff at NIST are some of the top cybersecurity and standards experts in the world. Working with our partners in other federal agencies, such as OMB and CISA, the private sector, academia, and other allied countries, and with the support of Congress, we will work tirelessly to address current and future cybersecurity challenges.<br>
<br>
Thank you for the opportunity to present on NIST activities to improve Federal Network Cybersecurity through implementation of Executive Order 14028. I look forward to your questions.<br>
&nbsp;</p>
<hr>
<p><sup>1</sup> FISMA was enacted as Title III of the E-Government Act of 2002 (Public Law 107-347).</p>
</div>
</div>
<div
class="nist-block"
>
<!-- nist-index-ignore-start -->
<div data-elastic-exclude="" class="nist-tags">
<a href="/topic-terms/information-technology" hreflang="en">Information technology</a>, <a href="/topic-terms/artificial-intelligence" hreflang="en">Artificial intelligence</a>, <a href="/topic-terms/cybersecurity" hreflang="en">Cybersecurity</a>, <a href="/topic-terms/internet-things-iot" hreflang="en">Internet of Things (IoT)</a> and <a href="/topic-terms/privacy" hreflang="en">Privacy</a></div>
<!-- nist-index-ignore-end -->
</div>
</div>
<aside class="nist-page__region nist-page__region--sidebar-second tablet-lg:grid-col-4">
<div
class="nist-page__region nist-page__region--sidebar-second-top gray-box"
>
<div
class="nist-block"
>
<h2 class="nist-block__title">Witness</h2>
<p>Dr. Charles H. Romine<br>
Director, Information Technology Laboratory<br>
National Institute of Standards and Technology<br>
United States Department of Commerce</p>
</div>
<div
class="nist-block"
>
<h2
class="nist-block__title"
>Venue</h2>
<div class="text-long"><p>United States House of Representatives<br>
Committee on Homeland Security<br>
Subcommittee on Cybersecurity, Infrastructure Protection, &amp; Innovation</p></div>
</div>
</div>
<div>
</div>
</aside>
</div>
</div>
<div class="grid-container">
<div
class="nist-page__region nist-page__region--content-bottom"
>
<div
class="nist-block"
>
<div class="text-italic font-sans-2xs">
Created May 18, 2022
</div>
</div>
</div>
</div>
</section>
</div>
<div data-elastic-exclude>
<!-- nist-index-ignore-start -->
<footer class="nist-footer padding-bottom-4">
<div class="grid-container nist-footer__info">
<div class="grid-row">
<div class="tablet:grid-col-6">
<div class="nist-footer__logo">
<a href="/" title="National Institute of Standards and Technology" rel="home">
<img class="nist-footer__logo-img" src="/libraries/nist-component-library/dist/img/logo/NIST-Logo-Brand-White.svg" alt="National Institute of Standards and Technology logo" width="300px" height="42px" />
</a>
</div>
<div class="nist-footer__contact">
<h3 class="nist-footer__contact-heading">HEADQUARTERS</h3>
<address>
100 Bureau Drive<br>
Gaithersburg, MD 20899<br>
<a href="tel:301-975-2000">301-975-2000</a>
</address>
<p>
<a href="mailto:do-webmaster@nist.gov">Webmaster</a> | <a href="https://www.nist.gov/about-nist/contact-us">Contact Us</a> | <a href="https://www.nist.gov/visit">Our Other Offices</a>
</p>
</div>
</div>
<div class="tablet:grid-col-6">
<div class="nist-footer__social-links">
<a class="nist-social nist-social--x-white" href=" https://x.com/NIST">
<span>X.com</span>
</a>
<a class="nist-social nist-social--facebook-white" href=" https://www.facebook.com/NIST">
<span>Facebook</span>
</a>
<a class="nist-social nist-social--linkedin-white" href=" https://www.linkedin.com/company/nist">
<span>LinkedIn</span>
</a>
<a class="nist-social nist-social--instagram-white" href=" https://www.instagram.com/nist/">
<span>Instagram</span>
</a>
<a class="nist-social nist-social--youtube-white" href=" https://www.youtube.com/NIST">
<span>YouTube</span>
</a>
<a class="nist-social nist-social--giphy-white" href=" https://giphy.com/nist">
<span>Giphy</span>
</a>
<a class="nist-social nist-social--rss-white" href=" https://www.nist.gov/news-events/nist-rss-feeds">
<span>RSS Feed</span>
</a>
<a class="nist-social nist-social--envelope-white" href=" https://public.govdelivery.com/accounts/USNIST/subscriber/new">
<span>Mailing List</span>
</a>
</div>
<div class="nist-footer__feedback">
How are we doing? <a class="usa-button" rel="nofollow" href="/form/nist-gov-feedback?destination=/speech-testimony/securing-dotgov-examining-efforts-strengthen-federal-network-cybersecurity" title="Provide feedback">Feedback</a>
</div>
</div>
</div>
</div>
<div class="grid-container">
<div class="nist-footer__nav" role="navigation">
<ul>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/privacy-policy">Site Privacy</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/oism/accessibility">Accessibility</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/privacy">Privacy Program</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/oism/copyrights">Copyrights</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.commerce.gov/vulnerability-disclosure-policy">Vulnerability Disclosure</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/no-fear-act-policy">No Fear Act Policy</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/office-director/freedom-information-act">FOIA</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/environmental-policy-statement">Environmental Policy</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/summary-report-scientific-integrity">Scientific Integrity</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.nist.gov/nist-information-quality-standards">Information Quality Standards</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://www.commerce.gov/">Commerce.gov</a>
</li>
<li class="nist-footer__menu-item">
<a href="http://www.science.gov/">Science.gov</a>
</li>
<li class="nist-footer__menu-item">
<a href="http://www.usa.gov/">USA.gov</a>
</li>
<li class="nist-footer__menu-item">
<a href="https://vote.gov/">Vote.gov</a>
</li>
</ul>
</div>
</div>
</footer>
<!-- nist-index-ignore-end -->
</div>
</div>
<script type="application/json" data-drupal-selector="drupal-settings-json">{"path":{"baseUrl":"\/","pathPrefix":"","currentPath":"node\/1703471","currentPathIsAdmin":false,"isFront":false,"currentLanguage":"en"},"pluralDelimiter":"\u0003","suppressDeprecationErrors":true,"back_to_top":{"back_to_top_button_trigger":100,"back_to_top_speed":1200,"back_to_top_prevent_on_mobile":false,"back_to_top_prevent_in_admin":true,"back_to_top_button_type":"image","back_to_top_button_text":"Back to top"},"google_analytics":{"account":"G-HEQ0YF2VYL","trackOutbound":true,"trackMailto":true,"trackTel":true,"trackDownload":true,"trackDownloadExtensions":"7z|aac|arc|arj|asf|asx|avi|bin|bsh|c|csv|doc(x|m)?|dot(x|m)?|dw(fx|g|gd)|dxf|eps|epub|exe|f(90)|flv|gif|gz|gzip|hqx|jar|jpe?g|js|m1v|mp(2|3|4|e?g)|mobi|mov(ie)?|msi|msp|pdf|phps|pl|png|ppt(x|m)?|pot(x|m)?|pps(x|m)?|ppam|sld(x|m)?|thmx|qtm?|ra(m|r)?|rfa|rtf|rvt|sch|sea|sit|swf|tar|tgz|tif|txt|txz|wav|wma|wmv|wpd|wrl|xls(x|m|b)?|xlt(x|m)|xlam|xml|xsd|z|zip"},"nist_search":{"clickTracking":"search-report-click","isDebug":false,"clickTrackEnabled":true,"message":"NIST Search in debug mode. Check the browsers network inspector for Click Track reporting results..."},"data":{"extlink":{"extTarget":false,"extTargetNoOverride":false,"extNofollow":false,"extNoreferrer":false,"extFollowNoOverride":false,"extClass":"ext","extLabel":"(link is external)","extImgClass":false,"extSubdomains":true,"extExclude":"\\.gov\\\/|\\.mil\\\/|\\manufacturingusa\\.com\\\/","extInclude":"","extCssExclude":".ck-editor, .nist-video-thumbnail__lightbox-trigger, a.nist-icon--mail-blue","extCssExplicit":"","extAlert":true,"extAlertText":"Thank you for visiting NIST. We hope your visit was informative. We have provided a link to this site because it has information that may be of interest to our users. NIST does not necessarily endorse the views expressed or the facts presented on this site. Further, NIST does not endorse any commercial products that may be advertised or available on this site. Click OK to be directed to your link.","mailtoClass":"0","mailtoLabel":"(link sends email)","extUseFontAwesome":false,"extIconPlacement":"after","extFaLinkClasses":"fa fa-external-link","extFaMailtoClasses":"fa fa-envelope-o","whitelistedDomains":[]}},"user":{"uid":0,"permissionsHash":"bd6a443844dbe99b4e6942f3b1397526e760137efd2b1ee6b2d588fc414dff20"}}</script>
<script src="/sites/default/files/js/js_jDaFaXhHm6gPUKstNYX9eIyoQXghVs3g7rbR0QoqpYY.js?scope=footer&amp;delta=0&amp;language=en&amp;theme=nist_www&amp;include=eJxdjW0OwjAIhi805UiErtjhWFlatHp7O53RLOEHPLwfgcYZ3fqsEH47XuuQzJIyUiZ9uowVjmDIUh0v0lm0ltUoopceIjlBos-7irMsa7E7wxFsLW_mEy_ce00DFVwsQpRKoQer5PmtgaQWSE-7BSamyOV7YmvtT8EP34wQy20lPe_nC6DrXYU"></script>
<script src="https://siteimproveanalytics.com/js/siteanalyze_6017546.js" async></script>
<script src="/sites/default/files/js/js_709kuJyJYTt2lWrlwglvgNyqkgqlZSSNCLusQNdUubs.js?scope=footer&amp;delta=2&amp;language=en&amp;theme=nist_www&amp;include=eJxdjW0OwjAIhi805UiErtjhWFlatHp7O53RLOEHPLwfgcYZ3fqsEH47XuuQzJIyUiZ9uowVjmDIUh0v0lm0ltUoopceIjlBos-7irMsa7E7wxFsLW_mEy_ce00DFVwsQpRKoQer5PmtgaQWSE-7BSamyOV7YmvtT8EP34wQy20lPe_nC6DrXYU"></script>
<script type="text/javascript">window.NREUM||(NREUM={});NREUM.info={"beacon":"bam.nr-data.net","licenseKey":"37b7ccb661","applicationID":"1089704227","transactionName":"YFxUN0sADEdYVkBaClkWdwBNCA1aFnFGRhVWVWoNVgUHaHpaWkcXWFVaBks9LFtdUGJaAEB6WQ1NEw1YVVBGHltBUFMU","queueTime":4,"applicationTime":497,"atts":"TBtXQQMaH0k=","errorBeacon":"bam.nr-data.net","agent":""}</script></body>
</html>
Reference in a new issue View git blame Copy permalink