Presentations

Emerging Threats

Monday, February 24, 2020, 8:30 a.m. - 5:00 p.m., Moscone West

This full-day seminar will discuss topics of emerging threats such as ransomware, targeted attacks, emerging IoT threats and new aspects of social engineering and deep fake human manipulation. The NCCoE's Anne Townsend and Michael Ekstrom will discuss protecting data from ransomware and breaches. Learn more about this session and view the agenda.

Access the recap.

 

How to Deploy Secure Technologies to Help Reduce Online Fraud

Tuesday, February 25, 2020, 1:00 p.m. - 1:50 p.m., Moscone West

Join NCCoE's Bill Newhouse as he discusses how to protect e-commerce from cybersecurity attacks. These solutions are researched in the NCCoE's NIST Special Publication (SP) 1800-17, Multifactor Authentication for E-Commerce, which was finalized earlier this year. Learn more about this session.

Can't make it to the session? Learn more about this project

Access the recap.

 

Practical Use of the MUD Specification to Support Access Control in the IoT

Wednesday, February 26, 2020, 8:00 a.m. - 8:30 a.m., Moscone South

The demand for internet-connected “smart” home and small business devices is growing rapidly, but so too are concerns regarding the potential compromise of these devices. During this session, the NCCoE's Parisa Grayeli and Blaine Mulugeta will discuss example implementations of a Manufacturer Usage Description (MUD) solution for cybersecurity attacks on IoT devices. These solutions are based on the Internet Engineering Task Force's MUD RFC 8520, and are detailed in the NCCoE's NIST SP 1800-15, Securing Small-Business and Home Internet of Things (IoT) Devices: Mitigating Network-Based Attacks Using Manufacturer Usage Description (MUD). Learn more about this session.

Can't make it to the session? Check out our work with MUD.

Access the recap.

 

Putting Access Management for the Internet of Things into Practice with MUD

Thursday, February 27, 2020, 8:00 a.m. - 8:50 a.m., Moscone West

The panel will summarize public and private sector activities for documenting and applying best security practices for IoT. It will describe industry collaborations, including describing and showing proof of concept implementations of the Manufacturer Usage Description (MUD) Specification (RFC 8520) for controlling access to IoT devices. Lessons learned and implementation issues will be explored. Learn more about this session.

Can't make it to the session? Check out our work with MUD.

Access the recap.

Birds of a Feather Sessions

Data Breach Response and Recovery

Wednesday, February 26, 2020, 1:30 p.m. - 2:20 p.m., Moscone West

The aftereffects of a data breach can send organizations reeling. By sharing experiences of handling data breaches, we can better understand the technical gaps that exist in today’s enterprises. Come and discuss with NCCoE's Michael Ekstrom what tools and technologies today’s security teams need to best meet today’s data confidentiality challenges. Attendance is strictly limited to allow for a small group experience. Learn more about this session.

 

Securing the Identity and Access Management Systems

Wednesday, February 26, 2020, 2:50 p.m. - 3:40 p.m., Moscone West

Breakthroughs were made in the financial services sector work in access rights management in support of the National Cybersecurity Center of Excellence work program. What’s next? Securing the identity and access management systems. Come and discuss with NCCoE's Anne Townsend what tools and technologies today’s security teams need to best meet this challenge. Attendance is strictly limited to allow for a small group experience. Learn more about this session.

Offsite NIST Events

Discussion on Secure Software Development Framework

Tuesday, February 25, 2020, 4:00 p.m. - 5:00 p.m., Marriott Marquis, 780 Mission Street, San Francisco, CA 94103

Please join BSA, NIST, SAFECode and industry panelists in a one-hour session to discuss secure software development framework (SSDF) practices. Learn more about this session and register.

Use Cases for the NICE Cybersecurity Workforce Framework

Wednesday, February 26, 2020, 8:00 a.m. - 9:45 a.m., Marriott Marquis, 780 Mission Street, San Francisco, CA 94103

This session will consist of a review and discussion of seven proposed use cases of the NICE Framework, which provides a common taxonomy and lexicon for describing cybersecurity work in both the public and private sectors. Additionally, attendees will gain insight from subject matter experts into best practices for how the NICE Framework can be used as a reference resource. Learn more about this session and register.

 

Visit the NCCoE at the NIST Booth 2438/South Expo.

 

*More information will be added to this page as it is announced.