News and Events

March 20, 2018

The 2018 AlertEnterprise User Group meeting will focus on Security Convergence with topics such as Physical and Cyber Security, as well as IoT security. NCCoE Egineer Harry Perper will present two sessions: "Leveraging Cyber/Physical Security Convergence for Critical Infrastructure Protection" and "Example Implementation of NIST SP 1800-2 – Adoption Case Study."

March 19, 2018

NCCOE Engineer Harry Perper, will present "Increasing the Adoption of Standards-based Cybersecurity Technologies on Monday, March 19 from 10:35am to 11:20am at the Insider Threat 2018 Summit. Identity and access management is one of the pillars of cybersecurity that directly address the issues of insider threats. The NCCoE will discuss its identity and access management projects. The projects are based on standards based cybersecurity technologies. The goal of this presentation is to convey the concepts the center has developed to integrate available technologies to address current identity and access management challenges.

February 22, 2018

GDPR compliance requires a holistic approach across the entire enterprise because the PII data resides across many organizational silos, including IT & Physical Access Control Systems. Attend this webinar to learn how many fortune 500s, including global customers in financial / banking / telecommunication sectors are proactively addressing GDPR compliance with a high degree of automation.

January 23, 2018

Join us for a webinar on managing access rights and IT assets with NIST standards-based solutions. In this webinar, you will learn from NCCoE and Splunk experts how architectures can be implemented at your organization to improve your cybersecurity posture and how a robust data analytics platform plays a key role.

October 12, 2017

The National Cybersecurity Center of Excellence (NCCoE) is excited to announce the release of three new draft project descriptions: TLS (Transport Layer Security) Server Certificate Management, ...

October 01, 2017

NCCoE Senior Engineer Harry Perper will present "Ransomware Recovery and Privileged Account Management Improve Resilience" on October 4 from 1:45pm to 2:30pm at the FS-ISAC Fall Summit in Baltimore, Md. Malware and insider threat actors often make use of privileged accounts to enable their activities. Recovery from ransomware is complicated by the lack of consistent and protected file and system back-ups. And access rights policies are difficult to enforce using manual processes. This session will explore  the NCCoE's research and projects related to Data Integrity (ransomware recovery), Access Rights Management, and Privileged Account Management.

September 01, 2017

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence has released for public comment a draft cybersecurity “practice guide” on managing access rights for the financial sector. The NCCoE announced Thursday that it is seeking comment on the guide-- which details ways financial services companies can improve security by limiting employee access to information -- through Oct. 31.

September 01, 2017

National Institute of Standards and Technology (NIST), an agency of the US Department of Commerce promoting innovation and industrial competitiveness, and cybersecurity tech specialist NextLabs have partnered to develop a framework for implementing and administering access rights management (ARM) in the financial services sector.

August 31, 2017

In collaboration with the financial services community and technology collaborators, the National Cybersecurity Center of Excellence (NCCoE) developed draft cybersecurity guidance, NIST Special Publication 1800-9: Access Rights Management for the Financial Services Sector, which uses standards-based, commercially available technologies and industry best practices to help financial services companies provide a more secure and efficient way to manage access to data and system. The draft guide is now open for public comment through October 31, 2017.

August 31, 2017

The National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence has partnered with NextLabs to craft a framework for the agency to implement and administer access rights management guidelines across the financial services industry. NCCoE aims to equip financial institutions with a centralized system to manage and protect disparate identity and access systems from cyber threats, NextLabs said Thursday.

August 17, 2017

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence is working to issue a draft guide on access rights management in the financial sector by the end of September.

June 28, 2017

The NCCoE Financial Services Sector project team will present project updates and engage in discussion to identify adopters and new project ideas with the Investment Company Institute's CISO Subcommittee on June 28.

June 28, 2017

The NCCoE Financial Services Sector project team will meet with FINRA to provide NCCoE project updates and to discuss FINRA collaboration, adoption, and new project ideas.  

June 08, 2017

The NCCoE Financial Services Sector project team will meet with the FS-ISAC Community Institution Council Advisory Group, which includes leaders of the 3,000+ FS-ISAC member grou, to further collaboration between the two organizations.

April 30, 2017

The NCCoE Financial Services project team will attend the FS-ISAC Spring Summit in Orlando April, 30 - May 3. The team will host two tables during the Opening Breakfast on Tuesday, May 2 beginning at 7:00a.m. through the break at 9:45a.m. We invite you to join us at the table where you can meet the team and learn more about the work we're doing at the NCCoE. In addition, if you would like to meet with us individually, we're available for one-on-one meetings. RSVP for the breakfast table or schedule a meeting by emailing financial_nccoe@nist.gov

March 10, 2017

NCCoE cybersecurity engineers Jim Banoczi and Harry Perper will present "Managing Access and Assets for the Financial Services Industry" at the ISSA Mid-Atlantic Information Security Conference on March 10, 2017 at 9:40am at Universities at Shady Grove Conference Center in Rockville, Md. 

February 09, 2017

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute for Standards and Technology (NIST), will demonstrate its current projects in San Francisco Feb. 13-17 at the RSA Conference and Orlando Feb 19-23 at the Healthcare Information and Management Systems Society Annual Conference & Exhibition (HIMSS17).

Individuals and organizations interested in learning more about the NCCoE’s work and how they can participate are encouraged to visit the booth and attend the presentations and demonstrations listed below.

RSA Conference: February 13-17, 2017

January 23, 2017

Splunk and NCCoE experts will discuss the example solutions in a webinar on January 23, 2018 at 2pm eastern time.   If you can’t attend the webinar in real time, you can still receive the recorded version.

October 23, 2016

NCCoE senior engineers Jim Banoczi and Harry Perper will present a session titled "Practical Solutions for Managing Access and Assets" at the 2016 FS-ISAC Fall Summit in Nashville, TN. The session provides an overview of the NCCoE and describe two projects that were identified as significant challenges by FS-ISAC members. The first project outlines a practical solution for identifying and managing IT assets within an organization. The second project, Access Rights Management, addresses how to integrate diverse identity and access management platforms to better control access rights. These projects were initiated through discussions with FS-ISAC members and have broad applicability across the financial sector.

August 22, 2016

NCCoE Chief Engineer Harry Perper will participate in a panel discussion on Cybersecurity for the Financial Sector from 3:15pm-4:00pm at CyberTexas.