U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Multi-Cloud Security Public Working Group MCSPWG


Cloud computing has become the core accelerator of US Government digital business transformation. NIST is establishing a Multi-Cloud Security Public Working Group (MCSPWG) to research best practices for securing complex cloud solutions involving multiple service providers and multiple clouds.  

The White House Executive Order on Improving the Nation's Cybersecurity highlights that “the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life” by focusing “the full scope of its authorities and resources to protect and secure its computer systems, whether they are cloud-based, on-premises, or hybrid.” The MCSPWG research will focus on a) identifying the challenges of implementing secure multi-cloud systems and b) developing guidance and best practice for mitigating the identified challenges. 

The US federal agencies were further encouraged by the Cloud Smart Federal Computing Strategy to accelerate cloud adoption and modernize their IT infrastructures, leverage cloud technology scalability and speed-to-market by expanding and diversifying their cloud portfolio to incorporate multi-party (multi-providers) cloud solutions.  Many organizations in adopting these cloud solutions, which can include services provided by different cloud service providers often with support from third-party entities, are faced with added security and privacy implementation challenges. 

The MCSPWG Charter provides additional information on MCSPWG including the planned work and the rules of engagement for participation and subscription to the mailing list below.


Annie Sokol

Credits: Annie Sokol


IT Specialist





Photo Brian Ruf

Credits: Brian Ruf


Director of Cybersecurity

Easy Dynamics





Credits: Nida Davis



Security Architecture





Credits: Ned Goren


IT Specialist





How Can I Join?

Mailing List: NIST is maintaining the mailing list: mcspwg@list.nist.gov for communication among subscribed members.

Join the mailing list to receive notices about MCSPWG meetings and other updates by sending an email from the email address you want to subscribe to mcspwg+subscribe@list.nist.gov

You will receive an automated e-mail from mcspwg+subconfirm@list.nist.gov asking you to reply to the e-mail if you would like to continue with your join request. This second step is necessary for confirming your subscription to the mailing list.

To unsubscribe from the mailing list, send an email to mcspwg+unsubscribe@list.nist.gov from the subscribed email address.

If you have difficulties joining the mailing list, contact us at mcsec@nist.gov

Important Information

The mailing lists are for discussion related to MCSPWG activities.

Files should not be distributed on the mailing lists, rather they should be posted on the available collaboration site(s)  and a link shared via the mailing list. 

NIST moderates the mailing lists and reserves the right to:

  • remove participants from the mailing lists for failure to adhere to these rules. 
  • review, approve or delete any messages that fall outside the scope of the mailing list and the charter of the MCSPWG.

The mailing lists are not to be used for promotional announcements, advertising, product-related press releases, or other commercial use. 

Do not send messages that contain abusive or vulgar content, spam, hate speech, personal attacks, or similar content.




Created October 12, 2021, Updated August 02, 2022