The NCCoE provides research, development, engineering, and technical support, such as:
- frameworks and implementation strategies to encourage and expedite adoption of effective cybersecurity controls and mechanisms
- collaboration across government, industry, and academia to accelerate effective innovation
- systems engineering to accelerate adoption of cybersecurity technologies
- support for technology transfer of cybersecurity solutions
NIST sponsors the National Cybersecurity Federally Funded Research and Development Center (NCF) to support cybersecurity research and development and help demonstrate integrated cybersecurity capabilities that are cost-effective, repeatable, and scalable. NCF operates in the public interest with objectivity and no organizational conflicts of interest. NCCoE will engage NFC to work together on your project proposal.
Department of Homeland Security – Continuous Diagnostics and Mitigation Lab (CDM)
The NCCoE provided technical expertise to assist the Continuous Diagnostics and Mitigation (CDM) Program with developing, designing, implementing, and maintaining a dashboard to help federal agencies produce customized reports containing critical cybersecurity risks. This tool also consolidates information from each agency’s dashboard to create a federal dashboard, providing a whole-of-government overview of its cybersecurity status across all civilian agencies.
Air Force Research Lab – Cyber Resiliency Assessment
The NCCoE is working with the U.S. Air Force Research Laboratory (AFRL) to update and accelerate the adoption of their Cyber Survivability Attributes (CSA) tool by incorporating detailed guidance found in NIST SP 800-160 Volume 2, Developing Cyber Resilient Systems. The CSA tool is part of a broader AFRL program to automate cyber resiliency assessments. Once completed, the enhanced CSA tool will make navigating cyber resiliency constructs far more manageable and applicable in system security engineering decisions.
U.S. Coast Guard – Cybersecurity Framework Profiles
With the help of the NCCoE, the United States Coast Guard (USCG) collaborated with critical infrastructure subsectors that play a role in the Maritime Transportation System to develop voluntary Cybersecurity Framework Profiles (CFP). The resulting USCG Maritime Profile, based on the NIST Cybersecurity Framework, addresses and helps industry mitigate risks in the joint mission areas of Maritime Bulk Liquids Transfer (MBLT), Offshore Operations, and Passenger Vessel Operations. These CFPs identify and prioritize the subset of Cybersecurity Framework Subcategories that support operational priorities in each context, while giving organizations the flexibility to address Subcategories in whatever way makes the most sense for their unique risk posture.
U.S. Department of Transportation – Cybersecurity Framework Profile and Privacy Risk Assessment of Connected Vehicles
To support the emergence of connected vehicle (CV) deployments across the United States, the U.S. Department of Transportation partnered with the NCCoE to create the Cybersecurity Framework Profile and Privacy Risk Assessment Methodology (PRAM) for Connected Vehicle Environments (CVE). This effort is a result of the Intelligent Transportation System Cybersecurity Research Program, which supports ITS deployers by conducting research that adopts or adapts implementation practices from other industries, or develops new approaches specific to transportation if needed. The CVE Cybersecurity Framework Profile is currently being expanded to address the full scope of Intelligent Transportation Systems.