Blog

Blog
April 30, 2018  |  Bill Fisher and Teresa Thomas

The National Cybersecurity Center of Excellence’s (NCCoE’s) most recent practice guide, Mobile Application Single Sign-On: Improving Authentication for Public Safety First Responders, aims to provide first responders with an efficient and secure means to access information from portable devices. This guide approaches security and efficiency from four angles: multifactor authentication (MFA), single sign-on (SSO), identity federation, and well-established standards.

Blog
April 17, 2018  |  Susan Prince

With the integration of mobile devices, including smartphones and tablets, into their daily lives people are changing how, where, and when they work. The office is no longer the only place where work gets done; users want access to the information they need using the devices that work best for them. Checking email or approving expense reports while out of the office are just a few examples of the flexibility that users desire to manage life in today’s fast-paced world. However, what should users do when the work involves sensitive information?

Blog
December 06, 2017  |  Titilayo Ogunyale

Appthority, IBM, Kryptowire, Lookout, Mobileiron, and Qualcomm, have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Mobile Device Security for Enterprises project (MDSE).*

Blog
November 20, 2017  |  NIST

As part of a weeklong initiative called ‘DC CyberWeek’ (hosted by CyberScoop) to raise awareness in the cybersecurity community, the National Cybersecurity Center of Excellence (NCCoE)—part of NIST—hosted an event called ‘Coffee, cookies, and cybersecurity’ in Rockville, MD on October 19th.

Blog
October 12, 2017

The National Cybersecurity Center of Excellence (NCCoE) is excited to announce the release of three new draft project descriptions: TLS (Transport Layer Security) Server Certificate ManagementIoT-Based Automated Distributed Threats, and Privileged Account Management: Securing Privileged Accounts for the Financial Services Sector. We are seeking your feedback on these drafts to help refine the challenge and scope.

Blog
August 31, 2017  |  Susan Prince

In collaboration with the financial services community and technology collaborators, the National Cybersecurity Center of Excellence (NCCoE) developed draft cybersecurity guidance, NIST Special Publication 1800-9: Access Rights Management for the Financial Services Sector, which uses standards-based, commercially available technologies and industry best practices to help financial services companies provide a more secure and efficient way to manage access to data and system. The draft guide is now open for public comment through October 31, 2017.

Blog
August 23, 2017  |  Caroline Tan, NCCoE Summer Intern

I learned that the concept of managing each transfer in a supply chain can be applied to the outputs of any company or organization. That basic understanding of product movement in planning, procurement, manufacturing, and delivery helped me transition into my internship at the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE). I was initially intimidated by the name and intellectual weight of the organization. These innovators—my now co-workers—were spearheading cybersecurity solutions for wireless infusion pumps, secure inter-domain routing, and identity and access management. And they even shed light on supply chain management, explaining to me that there is a possibility of risk at each transfer point and at each step in the process, not just with physical materials, but also with the critical intangibles such as data, software, and intellectual property. Here, I found an overlap that wasn’t deeply addressed in my supply chain course. I wanted to combine my undergraduate background and experience with the wealth of knowledge around me and contribute back to the organization.

Blog
August 08, 2017  |  Sarah Kinling

Callsign, CA Technologies, Rivetz, RSA, Splunk, StrongAuth, TokenOne, and Yubico, have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Multifactor Authentication (MFA) for e-Commerce project.* In response to a call in the Federal Register, these companies submitted capabiliti

Blog
June 27, 2017  |  Donna Dodson

As its name suggests, the internet of things will connect all kinds of things, bringing us a wealth of data about, well, everything that we can use to improve our lives. For example, internet-connected smart parking meters are helping people find available parking spaces, saving time, fuel and probably more than a few relationships. People are using fitness trackers to log their daily activity and achieve their fitness goals, making them healthier and happier. And technologies that promise to make travel safer and more convenient, such as self-driving cars and highway sensors that detect and adapt to real-time road conditions, are quickly moving from concept to reality.

Blog
May 24, 2017  |  William Fisher

Motorola Solutions, Nok Nok Labs, Ping Identity, StrongAuth, and Yubico have joined the National Cybersecurity Center of Excellence (NCCoE) as technology collaborators in the Mobile Application Single Sign-On (SSO) project. As part of this collaboration, NIST will compose and release a publicly available Cybersecurity Practice Guide (Special Publication 1800 series) that will document the reference design and help public safety and first responder (PSFR) organizations implement multifactor authentication and mobile application SSO in their own environments.