Success Stories

To increase awareness, understanding, and use of the Cybersecurity Framework, NIST is highlighting brief "success stories" explaining how diverse organizations use the Framework to improve their cybersecurity risk management.

These brief summaries focus on why and how the organization used the Framework, emphasizing the variety of approaches and benefits, typically including results, lessons learned, and next steps. Success stories highlight Framework use by Individual organizations (company, not-for- profit, government agency) or a group of organizations within a sector. U.S. and non-U.S. organizations may be featured.

Success stories also offer featured organizations the opportunity to be viewed as a leader in their industry or sector. Those organizations contribute to their sector's supply chains, community, and nation by sharing their experiences and lessons learned.

For more information regarding the creation and submission of success stories, see Guidance on Preparation and Review.

Success Story Catalog

CSF 1.1 Success Stories

Saudi Aramco
Critical Infrastructure
Success Story

Government of Bermuda
International
Success Story

Israel National Cyber Directorate v. 2.0
International 
Success Story

Cimpress-FAIR 
General 
Success Story

Multi-State - Information Sharing and Analysis Center 
State, Local, Tribal and Territorial  
Success Story

University of Kansas Medical Center 
Academia 
Success Story

University of Pittsburgh 
Academia 
Success Story

ISACA
Information Technology, Workforce Training 
Success Story

Japanese Cross-Sector Forum 
International
Success Story

University of Chicago 
Academia
Success Story

Lower Colorado River Authority
General
Success Story

Optic Cyber Solutions 
General
Success Story