In this webinar, the NCCoE’s Bill Fisher will demonstrate their Mobile Application Single Sign-On project, a reference design that integrates FIDO multifactor authentication (MFA) with mobile single sign on (SSO) for native and web applications, designed to help reduce the number of credentials PSFR must juggle and decrease time spent on authentication.
Join us on Monday, November 13th from 10am to noon, to help kick off National Cybersecurity Career Awareness Week! Attendees will hear from experts on how the cybersecurity community can effectively reach and encourage more students to consider a future career in cybersecurity, and how to utilize career development strategies for college graduates seeking to land their first cybersecurity position or current workers transitioning into this exciting field!
Dave Weitzel and Julie Snyder, Cybersecurity Engineers at the NCCoE, and Josephine Long of the US Coast Guard will be speaking about Industry/Government Partnership: Cybersecurity through Development of a NIST CSF Profile with US Coast Guard during the session entitled NIST Cybersecurity Framework: Use & Deployment on Tuesday, November 7th at 10:40am.
Senior Cybersecurity Engineer Bill Newhouse will participate in a panel on "Build Omni-channel Fraud Strategies with Deep Entity Profiling & Automation" at RSA Charge on Wednesday, October 18, 2017 from 2:30pm to 3:15pm. The panel will discuss best practices to leverage these technologies to mitigate fraud more effectively while reducing end-user friction and operational costs and enabling omni-channel business growth.
NCCoE Security Engineer Jim McCarthy will lead the session titled "Convergence of Cybersecurity Situational Awareness Capabilities for the Energy Sector" at GridSecCon 2017 in St. Paul, MN. NCCoE engineers alongside former Department of Energy CTO Pete Tseronis, Eric Andersen and Mark Rice of Pacific Northwest National Laboratory (PNNL), and Mary-Ann Ibeziako and Don Hill of University of Maryland College Park, Engineering and Energy, will share their expertise on Situational Awareness and discuss the recently NIST Special Publication 1800-7 that uses commercially available products to explore the methods for energy providers to more readily detect and remediate anomalous conditions and investigate the chain of events that led to the anomalies.
MITRE’s Zach Furness, Acting Technical Director at the National Cybersecurity FFRDC, which operates the NCCoE, will be participating in a panel at this year’s Cyber Maryland at the Baltimore Convention Center. The panel is entitled, Academic Catalysts in the Local, National, and International Cybersecurity Ecosystems and Agendas and begins at 11:00 am.
David Weitzel, cybersecurity engineer at the National Cybersecurity Center of Excellence (NCCoE), will be presenting a session entitled The NCCOE Approach to Situational Awareness on October 4th from 11:30am-12:00pm at this year’s 4th Annual Industrial Control Cybersecurity USA meeting.
NCCoE Senior Engineer Harry Perper will present "Ransomware Recovery and Privileged Account Management Improve Resilience" on October 4 from 1:45pm to 2:30pm at the FS-ISAC Fall Summit in Baltimore, Md. Malware and insider threat actors often make use of privileged accounts to enable their activities. Recovery from ransomware is complicated by the lack of consistent and protected file and system back-ups. And access rights policies are difficult to enforce using manual processes.
Authenticating users in card not present (CNP) transactions continues to be a challenge for e-commerce payments. In this session "No Card? No Problem" NCCoE's Deputy Program Manager Brian Abe and Orvis' Head of IT Security, Compliance and Risk Management Tyson Martin will discuss approaches being developed by the NCCoE in conjunction with industry partners to implement multifactor authentication to address these challenges and implement stronger authentication mechanisms to ensure a customer is authorized to use a credit card for e-commerce transactions. The NCCoE example implementation will introduce multifactor authentication that ties to existing web analytics and contextual risk calculation to reduce the risk of false online identification and authentication fraud.