The NCCoE will lead a talk on "Industry/Government Partnership: Cybersecurity through Development of a NIST CSF Profile with US Coast Guard" as part of the NIST Cybersecurity Framework: Use & Deployment session at the 11th Annual Cybersecurity Conference for the Oil & Natural Gas Industry in Houston, Texas on Thursday, November 10, 1:00-2:10 pm CT.
Speaker: Suzanne Schwartz, MD, MBA is the Associate Director for Science & Strategic Partnerships at FDA’s Center for Devices & Radiological Health (CDRH). Her portfolio includes medical device cybersecurity and efforts span incident response, increasing awareness, outreach, partnering, policy and coalition-building. Suzanne chairs CDRH Cybersecurity Working Group. She also co-chairs the Government Coordinating Council for Healthcare & Public Health. Suzanne earned an MD from Albert Einstein College of Medicine, trained in General Surgery & Burn Trauma at the New York Presbyterian Hospital - Weill Cornell Medical Center; an executive MBA from NYU Stern School of Business, and completed the National Preparedness Leadership Initiative – Harvard School of Public Health & Kennedy School of Government.
NCCoE Computer Scientist Gavin O'Brien will participate in the "Information Security: It's Everyone's Problem" session from 10:30m-11:30am at the AEHIX 16 Fall Forum in Phoenix, Arizona. This session explores the current threat landscape and identifies best practices for protecting the organization and information vital to patient care and business operations. This fall forum aims to bring together thought leaders from across health IA, IT, and IS specialties to network and share ideas on how IT can help bend the cost curve.
NCCoE senior engineers Jim Banoczi and Harry Perper will present a session titled "Practical Solutions for Managing Access and Assets" at the 2016 FS-ISAC Fall Summit in Nashville, TN. The session provides an overview of the NCCoE and describe two projects that were identified as significant challenges by FS-ISAC members. The first project outlines a practical solution for identifying and managing IT assets within an organization. The second project, Access Rights Management, addresses how to integrate diverse identity and access management platforms to better control access rights. These projects were initiated through discussions with FS-ISAC members and have broad applicability across the financial sector.
The CyberMaryland Conference is an annual two-day event presented jointly by The National Cyber Security Hall of Fame and Federal Business Council (FBC) in conjunction with academia, government, and private industry organizations. NCCoE Senior Security Engineer Don Tobin will lead a Cyber Threat Intelligence Forum on "Restoring Data Integrity After a Destructive Malware or Ransomware Attack" on Thursday, October 20 at 9 a.m. This presentation will cover the work being done at the NCCoE on methods to effectively recover and restore systems to normal operations after a data corruption attack. The conference will take place at the Baltimore Hilton Hotel.
NIST and the Department of Health and Human Services' Office for Civil Rights will co-host the 9th annual Safeguarding Health Information: Building Assurance through HIPAA Security Conference on October 19-20, 2016 at the Capital Hilton, Washington, D.C. NCCoE computer scientist Gavin O'Brien will host a panel on "Addressing Healthcare Cybersecurity Challenges through Standards-based Solutions" on October 19 from 1:15pm-2:15pm.
NCCoE Senior Security Engineer Jim McCarthy will help lead a full day NIST NCCoE Workshop at GridSecCon on October 18, 2016 in Quebec City, Quebec. The workshop will discuss top challenges facing the energy industry today, and review profiles and worked example solutions in IdAM, Situational Awareness, and Industrial Control Systems. Topics will also include the NIST Cybersecurity Portfolio and Cybersecurity Framework (CSF).
The NCCoE is currently working on a project which aims to explore and implement commercial off-the-shelf solutions that demonstrate derived PIV credential issuance, lifecycle management, and usage. On October 12, 2016, the NCCOE will host a workshop to present the current direction of the Derived PIV Credentials project (including a high level architecture and current technology partners) and to understand stakeholders’ implementations, challenges, and desired usage.
NCCoE Computer Scientist Gavin O'Brien will join the "Cybersecurity: Out Think Healthcare Threat" panel discussion at the AFCEA Health IT Day at the Bethesda North Marriott Conference Center on Wednesday, October 12 from 10:30am-11:30am. This moderated panel of federal CISOs and privacy experts will share their perspective on how cognitive solutions may impact predictive threats and other cybersecurity topics of interest.
The NCCoE will host TTI/Vanguard members for sector roundtables and demos as part of their 2016 Cybersecurity Conference from noon to 4 p.m. on September 28. TTI/Vanguard’s visit will include demos of example solutions in the areas of health IT, energy, financial services, and IoT, as well as roundtables led by NCCoE experts on health IT, energy, financial services, retail/consumer, and transportation sectors to provide a solutions-oriented deep dive into the issues facing that sector.