U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Cybersecurity Risk Analytics CRA


NIST is working with stakeholders from across government, industry, and academia to research and prototype methods and tools to enable predictive risk analytics and identify cyber risk trends. NIST’s goal is to enable information sharing among risk owners about historical, current and future cyber risk conditions and is intended to help not only enhance existing cyber risk mitigation strategies but also improve and expand upon existing cybersecurity risk metrology efforts.

We will be leveraging past and present efforts such as data repository for cyber incident analysis, predictive analytics and strategic analysis on threat coverage, prioritization and gap identification. Our initial research focus will be on technical framework and enabling functions for a trusted and secure repository that enterprise risk owners can use to anonymously share, store, aggregate, and analyze sensitive cyber incident data. As part of this process, NIST plans to solicit feedback and create opportunities for collaborations on proof of concepts to facilitate data sharing.

Created September 07, 2018, Updated September 10, 2020