NIST Guest Researcher William Barker discusses the past, present and future of the National Cybersecurity Center of Excellence. Learn more about how the center partners with IT users, service providers, product developers, vendors, and other government agencies along with examples of our projects.
TechTarget puts a spotlight on the growing concerns around ransomware attacks involving cities. This article provides information regarding what organizations should do if infected with ransomware, referencing the NIST Special Publication 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Events as a resource.
The Armed Forces Communications and Electronics Association (AFCEA)'s SIGNAL Magazine highlighted the recent Federal Identity (FedID) Understanding of Identity Meetup at the National Cybersecurity Center of Excellence (NCCoE) in Rockville, Maryland, on June 20. The event brought together government officials, military leaders and private sector professionals for a candid discussion of issues relating to the federal implementation of identity assurance in the digital world.
The National Cybersecurity Center of Excellence (NCCoE) invites you to join us on Wednesday, June 27, 2018 from 9 a.m. - 12 p.m. for a CXO Roundtable to share your thoughts on the challenges and potential solutions around malware and industrial IoT (IIoT) for sectors that depend on ICS for their core operations. This roundtable will consist of a dozen stakeholders across industry, government, and academia to encourage highly interactive dialogues–giving each individual an opportunity to share his or her thoughts on ICS cybersecurity challenges and to showcase his or her expertise in helping solve those challenges.
The Chief Information Security Officers Council (CISO Council) sought to produce the “CISO Handbook” – a compendium of key information and actionable templates and processes – to provide a “one stop shop” for new and emerging information security professionals to begin their upskilling into future cybersecurity executives. The Handbook is a foundational document that will help agency leadership drive transformational workforce changes in a standardized, repeatable manner and create greater collaboration and coordination across agencies to address systemic cybersecurity challenges. This document highlights the NCCoE's cybersecurity practice guides, Special Publication 1800 series.
NCCoE Security Engineer Bill Fisher will present “Improving Mobile Authentication for Public Safety & First Responders” at the Identiverse 2018 Conference at 3:30pm EDT on June 24. This session will cover the recently released NIST SP 1800-13 practice guide which details the challenges of mobile authentication for public safety and first responder personnel, the FIDO and IETF standards for addressing multifactor authentication and single sign-on on mobile platforms, a detailed description of the NCCoE reference architecture, and a demonstration of the reference design with public safety applications.
On June 20, the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE), in partnership with the FedID Planning Committee, will host a meet-up on "Educating the Public (and Policymakers) on Identity." Speakers will discuss the importance of ensuring that the public (and policymakers) have a proper understanding of identity topics, share stories (and their impacts) from past issues, and offer what they feel are the biggest concerns for the future. Attendance at the meet-up is open to anyone in the community wishing to learn and/or discuss ideas on demystifying technologies and programs. There will not be a charge to attend, but space is limited so register soon.
Join NCCoE security engineers at the Hospitality Industry Technology Exposition and Conference (HITEC®) on June 18-21 in Houston, Texas. HITEC brings together top hospitality technology industry experts and technology providers to showcase the latest trends in high-tech hospitality, and discuss the opportunities and challenges they present. NCCoE’s Julie Snyder will participate in the panel “Data Security, The Fight for Privacy” on Monday, June 21, from 8:00-9:30am.
The National Institute of Standards and Technology (NIST) Computer Security Resource Center (CSRC) has a wealth of resources targeting specific cybersecurity challenges in the public and private sectors. These practical, user-friendly guides can help your practice facilitate the adoption of standards-based approaches to cybersecurity.
Cybersecurity technology advances and NIST best practices along with automation and system controls go a long way to minimize errors, but it doesn't completely eliminate the potential for error by human actors. So how can you reduce the opportunity for and damage of a threat to your organization? Join Harry Perper, Chief Engineer, NIST's National Cybersecurity Center of Excellence, and Neha Gupta, CEO of True Office Learning as they discuss this challenge.
The Lexington Institute is hosting a Cybersecurity of the Electric Grid Capitol Hill Forum on Friday, June 8 at 12 pm. National Institute of Standards and Technology's Senior Security Engineer Jim McCarthy will be one of several presenters, and will discuss the NCCoE's energy sector projects and collaboration process.
On June 5 at 2:05 pm, NCCoE Chief Security Engineer Harry Perper will participate in the Identity panel at the 2018 DOE Cyber Conference. This session will focus on DOE Identity, Credential, and Access Management Program (ICAM) implementation with major focus on the OneID DOE enterprise identity service developed and supported by LLNL. This event will be a part of the Advancing Cybersecurity Excellence: Moving from Compliance to Risk Management track.
NCCoE Lead Engineer, Bill Fisher, will participate on a panel entitled Security of the Future Public Safety Broadband Network at the 2018 PSCR Public Safety Broadband Stakeholder Meeting. Mr. Fisher's panel will present on Thursday June 7th at 3pm and will include John Beltz of NIST PSCR, Sheila Frankel of NIST ITL, and Don Harriss of NIST PSCR.
The public/private partnership is alive and folks at NIST, the National Cybersecurity Center of Excellence and others have recently revised guidelines to help modernize, looking at open standards such as OAuth, Fast Identity Online (FIDO), OpenID and others to try and help solve this problem. Biometric identity authentication on a government-trusted device, and the use of a FIPS-validated hardware token like the Yubico Yubikey for replacement of a CAC or PIV card will make agency life easier on the path to IT modernization.
Critical infrastructure is dependent on electricity. If the electric grid were shut down by a cyberattack, crucial functions of daily life ranging from ATM and online banking transactions to heating and cooling your homes – and shopping for food and gasoline – would come to a halt. The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence collaborates with utility companies, technology vendors, government agencies and academia to produce example solutions. These solutions can then be adopted by the energy sector and tailored to their environment to address cybersecurity challenges.
NCCoE Deputy Director Tim Mcbride will present "Recover Quickly & Safely from Ransomware" at the Enfuse 2018 Conference at 8am on May 22. This session will discuss how industry experts and technology collaborators worked with the NCCoE to develop practical cybersecurity guidance on recovering from destructive malware and ransomware. This session will highlight the recently released NIST Special Publication 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events.
Join NCCoE Lead Security & Privacy Engineer Julie Snyder as she presents “Identifying and Evaluating Privacy Risks and Making Smart Privacy Engineering Decisions” at the 2018 Summit on Cyber Security for Oil and Gas on May 21 at 11:15 am.
Yubico’s recent collaboration with the U.S. National Institute of Standards (NIST) and National Cyber Center of Excellence (NCCoE) resulted in a three-volume draft practice guide for the improvement of mobile authentication methods for public safety professionals and first responders. In emergency situations, time is of the essence. Minutes and even seconds can sometimes mean the difference between life and death. The joint project was developed with this in mind, with the ultimate goal of creating reliable and secure mobile platforms that can be quickly accessed.
The National Institute of Standards and Technology (NIST) has announced that it will be seeking industry input on developing use cases for its framework of cybersecurity standards related to patient imaging devices. NIST’s latest announcement is directed at eventually providing security guidance for the healthcare sector’s most common uses of data.