HFTP Hangout: Securing Property Management Systems

Thursday, May 20, 2021

NCCoE’s Bill Newhouse presents the recent hospitality publication, Securing Property Management Systems, during the Hospitality Financial and Technology Professionals (HFTP) Virtual Education Series.  A hotel property management system (PMS) is a prime target for cyber criminals. A successful breach could give a criminal access to valuable data resulting in financial loss, operational disruption, reputational harm, and lengthy regulatory investigations and litigation. On March 30, 2021, the NIST NCCoE released Special Publication 1800-27, Securing Property Management Systems. This collaboration with the hospitality community and cybersecurity technology providers demonstrates how hospitality organizations can use a standards-based approach with commercially available technologies to protect property management systems.

ACT-IAC Emerging Technology COI

Tuesday, April 20, 2021

The NCCoE's Jim McCarthy will take part in a panel discussion at the ACT-IAC Emerging Technology Community of Interest meeting on Tuesday, April 20, beginning at 10:00 a.m. ET. Learn what the NCCoE and others are doing to leverage and secure the internet of things and related smart technologies for federal and local governments.

SunSpec & Sandia Webinar: Securing the Industrial Internet of Things

Thursday, April 22, 2021

The NIST National Cybersecurity Center of Excellence recently collaborated with stakeholders in the electricity sector, the University of Maryland, and cybersecurity technology providers to build an environment that mimics a distribution utility interconnected with a campus microgrid. Within this ecosystem, they explored how information exchanges among distributed energy resources (DERs) and the electric distribution grid can be trusted and protected from cybersecurity compromise. 

This presentation will offer an overview of the project and reference design/architecture and the commercially-available products brought to bear to address some of the cybersecurity challenges for DERs.


  • Jim McCarthy and Don Faatz, NIST National Cybersecurity Center of Excellence
  • NCCoE project collaborators from Anterix, BlackRidge Technology, Cisco, Dots and Bridges, Radiflow, Spherical Analytics, Sumo Logic, TDi Technologies, and Xage Security

Mobile Device Security Webinar - April 2021

Wednesday, April 21, 2021

Mobile Device Security Webinar - April 2021

Date/Time: Wednesday, April 21, 2021 | 1 p.m. EDT
Duration: 1 hour

Join the NCCoE’s Mobile Device Security project team and collaborators for updates on current and future mobile device security and privacy projects.

Below is the agenda: 

Time (EDT)






Gema Howell

NCCoE and Mobile Device Security Overview


Presentation: 2020-2021 NIST Mobile Device Security publications

Gema Howell & Julie Snyder

Cybersecurity and Privacy Subject Matter Experts discuss NIST Special Publication 1800-22, Mobile Device Security: Bring Your Own Device (BYOD) and facilitate interactive poll questions throughout the presentation.


Your Feedback!

Facilitated discussion

Open floor for participants to ask questions, provide feedback and share ideas on future projects


Closing Remarks

Gema Howell

Thanks and Call to Join the Mobile Device Security Community of Interest, and Future Events


Post-Webinar Materials

Thank you to everyone who participated in the Mobile Device Security and Privacy webinar hosted by Ms. Gema Howell, Computer Scientist, of the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) and Ms. Julie Snyder, Principal National Cybersecurity Federally Funded Research and Development Center (NCF) Privacy Lead. The hosts shared NCCoE’s current mobile device security and privacy projects, specifically, NIST Special Publication 1800-22, Mobile Device Security: Bring Your Own Device (BYOD) and led an interactive discussion with the audience about current and future projects.

Below is a list of resources mentioned during the event.

Mobile Device Security Resources

We welcome your comments on the newly released draft version of 1800-22, Mobile Device Security: Bring Your Own Device (BYOD). The public is encouraged to review the draft and provide feedback for possible incorporation before the public comment period closes on May 17, 2021. If you have feedback or are interested in joining the Community of Interest group, please email mobile-nccoe@nist.gov.

NCCoE Learning Series Webinar: ICAM for Public Safety Personnel

Thursday, March 25, 2021

Date/Time: Thursday, March 25, 2021 | 3 p.m. EST
Duration: 30 minutes plus Q&A
Technical Level: moderate to advanced

It is critical that the right first responder accesses the right information at the right time for the right reason. To help the public safety community achieve that goal, the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) is engaged in a collaborative effort with technology providers to develop guidance on ICAM for the public safety community. 

Following up from last month’s fireside chat, Cybersecurity for Public Safety and First Responders, Bill Fisher, security engineer at the NCCoE and project lead for the Public Safety and First Responder Sector, will delve deeper into the NCCoE’s body of ICAM work to highlight critical topic areas such as: 

  • identity federation 
  • identity as a service
  • biometric authentication technologies  

This session will feature NIST and NCCoE guidance, when and where the guidance applies, and key takeaways and recommendations for cybersecurity for the public safety community. 

A video recording of the event is available here:

Cybersecurity for Public Safety and First Responders

Thursday, February 25, 2021

Date/Time: Thursday, February 25, 2021 | 3 p.m. EST
Duration: 30 minutes plus Q&A

Join the NCCoE for a fireside chat with Bill Fisher, security engineer at the NCCoE and project lead for the public safety and first responder sector to examine:

  • current and emerging cybersecurity concerns for public safety personnel
  • proactive steps to mitigate cybersecurity risks
  • ways that private and public organizations can contribute to the cybersecurity of public safety data and systems

Registration is now closed. 


A video recording of the event is available here.

Supply Chain Assurance Webinar - March 2021

Thursday, March 18, 2021

Date/Time: Thursday, March 18, 2021 | 2:00 p.m. ET
Duration: 45 minutes plus live Q&A 

Join the NCCoE’s Supply Chain Assurance project team and collaborators for an update on Validating the Integrity of Computing Devices

During this webinar participants will: 

  • Learn more about the scope of the project.  

  • Hear about the role each project collaborator will play in developing the sample solution (Dell, Eclypsium, Intel, HP Inc., HPE, RSA, Seagate Technology). 

  • Preview the first installment of the recently published practice guide (Volume A). 

  • Have the opportunity to ask questions, provide feedback, and share ideas for potential future projects. 

Registration is required so that we may share webinar connection details with you. Register by completing the form below*. Please note that this month's call is open to Supply Chain Community of Interest members and anyone who is potentially interested in joining the group. 


*By registering for this event, you will automatically receive updates on future project updates and events as a member of our COI list. 

Manufacturing Sector Webinar

Thursday, February 25, 2021

Dr. Michael Powell, manufacturing sector lead, of the National Institute of Standards and Technology’s (NIST’s) National Cybersecurity Center of Excellence (NCCoE) hosted a webinar featuring Ms. Amy Nicewick, section chief, and co-lead of the Cybersecurity and Infrastructure Security Agency’s (CISA’s) Ransomware Awareness Campaign. Ms. Nicewick shared what CISA is doing to combat ransomware, and explained what resources her agency offers to help organizations strengthen their cybersecurity defenses.  

Below is a list of resources mentioned in the event. .

Cybersecurity & Infrastructure Security Agency (CISA) Resources

Safeguarding Device Integrity in the Supply Chain and Beyond

Tuesday, February 16, 2021

While most organizations are accustomed to dealing with external threats such as malware, the technology supply chain itself has rapidly emerged as an important source of risk. Proliferating vulnerabilities at the firmware and hardware level have opened the door for nation-state and ransomware attackers to gain control over laptops, servers, and network devices. Vulnerabilities or compromises in the supply chain can affect devices long before they are delivered and unboxed by the eventual owner, as well as during the update process.

In this live webinar, our expert panel will discuss:

- How the complex technology supply chain creates concentrations of risk
- Recent supply chain threats and their implications for enterprise risk management
- What a supply chain disaster scenario might look like
- What organizations can do today to begin verifying device integrity in the supply chain and throughout the lifecycle of their devices
- What’s coming down the road as part of the NIST project for “Validating the Integrity of Computing Devices.”

John Loucaides - Vice President of Research and Development at Eclypsium
Andrew Regenscheid - Project Lead for Applied Cryptography within the Computer Security Division at the National Institute of Standards and Technology (NIST).


Register for the event here.