Authenticating users in card not present (CNP) transactions continues to be a challenge for e-commerce payments. In this session "No Card? No Problem" NCCoE's Deputy Program Manager Brian Abe and Orvis' Head of IT Security, Compliance and Risk Management Tyson Martin will discuss approaches being developed by the NCCoE in conjunction with industry partners to implement multifactor authentication to address these challenges and implement stronger authentication mechanisms to ensure a customer is authorized to use a credit card for e-commerce transactions. The NCCoE example implementation will introduce multifactor authentication that ties to existing web analytics and contextual risk calculation to reduce the risk of false online identification and authentication fraud.
NIST and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are co-hosting the 10th annual conference, Safeguarding Health Information: Building Assurance through HIPAA Security, at the Hyatt Regency, Washington, D.C. The conference will explore the current healthcare cybersecurity landscape and the (HIPAA) Security Rule. The NCCoE will provide updates on its Healthcare sector projects in two presentations.
NCCoE Acting Deputy Director Tim McBride will participate in the panel discussion "Continuous Diagnostics and Mitigation – Fortifying Government" from 10:30am-11:10am at FCW's Cybersecurity Summit in Washington, DC. This session will discuss strategies for leveraging the full capabilities of CDM as part of an agency’s broader cyber strategy.
NCCoE Security Engineer Joshua Franklin will participate in a panel discussion titled "A Defense-in-Depth Approach to Mobile Security" from 11:30am to 12:10pm. This session will explore the different dimensions of mobile security and how they must be managed in a comprehensive approach. Topics include mobile device management, authentication strategies, and the mobile threat landscape. The Mobility Summit will be held in Washington, D.C. and will provide federal IT leaders with insights into the foundations of the mobile ecosystem: Productivity tools, apps, devices, management strategies, and defense-in-depth cybersecurity.
NIST will host the workshop "Enhancing Resilience of the Internet and Communications Ecosystem" at the NCCoE on July 11 and 12. This workshop is in support of DOC responsibilities under EO 13800 to provide a report to the President to "identify and promote action by appropriate stakeholders to improve the resilience of the Internet and communications ecosystem and to encourage collaboration with the goal of dramatically reducing threats perpetrated by automated and distributed attacks."
The NCCoE Financial Services Sector project team will meet with FINRA to provide NCCoE project updates and to discuss FINRA collaboration, adoption, and new project ideas.
The NCCoE Financial Services Sector project team will present project updates and engage in discussion to identify adopters and new project ideas with the Investment Company Institute's CISO Subcommittee on June 28.
NCCoE Director of Operations Tim McBride will speak at Cyber Hygiene for the Health Sector on Tuesday, June 27 from 8am-9:30am EST at Launch Workplaces (9841 Washingtonian Blvd Ste 200, Gaithersburg, MD 20878). Do you worry about the security of your organizations data, your customer's data, or the potential impacts of a cyber attack on your organization? McBride will join speakers Denise Anderson, President, National Health Information Sharing and Analysis Center (NH-ISAC) and Kevin Crain, CISO, UMD Health System to examine the need for good cyber hygiene in healthcare sector organizations.
Borderless Cyber USA brings together the world’s most informed cybersecurity leaders to share insights on changing the economics of computer network defense for a two-day conference at the U.S. Customs House in New York City. NCCoE Associate Director of Operations Tim McBride will speak during a roundtable session on Cyber Threat Collaborations and Alliances to Improve Global Defenses Against Cyber Adversaries on June 22 from 3:15-4:30pm.
NCCoE security engineer Bill Fisher will be presenting a session on NCCoE projects on June 19 from 9am to 12pm at the Cloud Identity Summit. Presentations will include overviews of the Mobile Application Single Sign-On project and the Multifactor Authentication for e-Commerce project. NCCoE security engineer Christopher Brown will present a deeper dive on the NCCoE's Derived PIV Credentials project on June 22 at 11:15am. The summit brings together the best of industry and enterprise presenters and experts to share insights and to synthesize new ideas. The summit will be held from June 19-22 at the Sheraton Grand Chicago in Chicago, Il.