Cybersecurity and Privacy of Genomic Data

The advent of innovative genomic sequencing technologies has ushered in an era where it is now possible to sequence and analyze an entire genome quickly and affordably. The vast amounts of genomic data collected have helped fuel our nation’s economic and health leadership posture; however, this information may not be protected with sufficient rigor.

Read the 2-page Fact Sheet

Genomic cybersecurity guidance can aid organizations by 1) protecting them against data misuse which could harm individuals, companies, and nations and 2) enabling secure collaborative innovations.

Status: Soliciting Comments

NIST IR 8432 outlines current challenges and proposed solutions in the genomic data cybersecurity landscape.

NIST IR 8432 Cybersecurity of Genomic DataWeb Version NIST IR 8432 Cybersecurity of Genomic Data

The following publications are open for public comment through January 30, 2025.

NIST IR 8467 2pd, Genomic Data Cybersecurity and Privacy Frameworks Community Profile (Second Public Draft)Web Version NIST IR 8467 2pd, Genomic Data Cybersecurity and Privacy Frameworks Community Profile (Second Public Draft)
NIST CSWP 35 ipd, Cybersecurity Threat Modeling the Genomic Data Sequencing Workflow (Initial Public Draft)Web Version NIST CSWP 35 ipd, Cybersecurity Threat Modeling the Genomic Data Sequencing Workflow (Initial Public Draft)

Project Overview

Advancements in genomic sequencing technologies are accelerating the speed and volume of data collection, sequencing, and analysis. However, this progress also heightens cybersecurity and privacy risks. In response, the NIST is engaging with genomic stakeholders across government, academia, and industry to develop voluntary, actionable guidance to help organizations manage cybersecurity and privacy risks for systems that process genomic data.

The NCCoE published final NIST Internal Report (IR) 8432, Cybersecurity of Genomic Data, summarizing the current practices, challenges, and solutions for protecting genomic data. Building on additional insights from our ongoing collaboration with the genomics community, the NCCoE updated draft NIST IR 8467, Genomic Data Cybersecurity and Privacy Frameworks Community Profile (Genomic Data Profile), a structured, risk-based approach for managing both cybersecurity and privacy risks in processing genomic data. The updated draft incorporates the NIST Cybersecurity Framework (CSF) version 2.0 and NIST Privacy Framework (PF) version 1.0 to help organizations prioritize both cybersecurity and privacy capabilities. This Profile is the first joint CSF and PF Community Profile developed by NIST.

The NCCoE has also published draft NIST Cybersecurity White Paper (CSWP) 35, Cybersecurity Threat Modeling the Genomic Data Sequencing Workflow. This white paper evaluates potential cybersecurity threats in a genomic data processing environment using an iterative methodology. It provides an example use case and demonstrates an approach which organizations can adapt to identify cybersecurity threats and mitigations in their environments.

Ongoing project work includes privacy threat modeling for genomic data workflows and development of a Privacy Enhancing Technologies (PETs) testbed for privacy-preserving federated learning (PPFL).

Join the Community of Interest

Employee speaking on video call with colleagues on online briefing with laptop at home

A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI. 

Tell us about yourself

First & Last Name




Losing your DNA is not like losing a credit card.  You can order a new credit card, but you cannot replace your DNA.  The loss of your DNA not only affects you, but your relatives and, potentially, generations to come.

(source: The National Counterintelligence and Security Center)