In The News

Below are the latest news stories highlighting the NCCoE. The following links to external websites are curated for your convenience. Inclusion of these stories does not imply NCCoE endorsement or responsibility for the content found on these external websites.

In the news
October 09, 2018  |  JD Supra

On September 7, the National Cybersecurity Center of Excellence (NCCoE) and the National Institute of Standards and Technology (NIST) published Special Publication 1800-5 – IT Asset Management Practice Guide (the Guide) to help financial services companies tackle challenges in managing both the hardware and software components of their information technology assets. The three sections are: Volume A – Executive Summary, Volume B – Approach, Architecture, and Security Characteristics, and Volume C – How-To Guides.

In the news
October 05, 2018  |  MeriTalk

In the ever-present area of IoT security, Katerina Megas, program manager for the Cybersecurity for IoT program at the National Institute of Standards and Technology (NIST), described how the agency invites private sector partners into the National Cybersecurity Center of Excellence (NCCoE) to help create implementation guides for cybersecurity challenges. She cited a completed project that created a reference architecture for wireless infusion pumps, and a current project looking at the Manufacturer’s Usage Description to prevent routers from communicating with unauthorized devices.

In the news
September 17, 2018  |  GovConWire

Technology companies including Dell EMC, Gemalto, HyTrust, IBM (NYSE: IBM), Intel (Nasdaq: INTC), RSA and VMware (NYSE: VMW) will work with the National Institute of Standards and Technology on a project to establish a “Trusted Cloud” that will ensure the security and privacy of workloads, ExecutiveBiz reported Sept. 11.

In the news
September 17, 2018  |  iHLS

Work that started last October on securing the protocol that binds the Internet together is finally yielding results. The National Cybersecurity Center of Excellence (NCCoE) at the US National Institute for Standards and Technology (NIST) published the first draft of a security standard that will secure the BGP.

In the news
September 14, 2018  |  The National Law Review

The National Law Review mentions the NIST practice guide “Securing Electronic Health Records on Mobile Devices” as a resource helping to reduce cybersecurity risks associated with the expanded use of Electronic Health Records (EHRs).

In the news
September 11, 2018  |  ExecutiveBiz

The National Institute of Standards and Technology and a consortium of technology companies have teamed up to build a “trusted cloud” platform that seeks to demonstrate how credible compute pools that leverage commercial systems can offer security capabilities, MeriTalk reported Monday.

In the news
September 10, 2018  |  MeriTalk

As Federal agencies migrate applications to cloud environments, a major impediment to broader adoption of cloud technologies is the ability to protect information and virtual assets, and to gain enough visibility to ensure that both the agencies and cloud providers are complying with legal and business requirements. To that end, the National Institute of Standards and Technology (NIST) is working with a consortium of technology vendors via its National Cybersecurity Center of Excellence (NCCoE) to develop a trusted cloud solution that will demonstrate how trusted compute pools leveraging commercial technologies can provide the necessary security capabilities.

In the news
September 09, 2018  |  ZDNet

This week, a department called the National Cybersecurity Center of Excellence (NCCoE) at the US National Institute for Standards and Technology (NIST) published the first draft of a security standard that will secure the Border Gateway Protocol (BGP). BGP is the primary protocol that internet service providers (ISPs), hosting providers, cloud providers, educational, research, and national networks use to send traffic between each other's networks, linking together the small networks that make up the bigger Internet.

In the news
September 07, 2018  |  Federal News Radio

It sounds like Greek — derived PIV credentials. But a better approach to managing information on personal identity verification cards can help an ongoing federal challenge, namely how to improve cybersecurity for people using mobile devices. Now the National Cybersecurity Center of Excellence has released fresh guidance on so-called derived credentials. Hildegard Ferraiolo, a computer scientist with the Security Components and Mechanisms Group at the National Institute of Standards and Technology, joined Federal Drive with Tom Temin for what it is and how it works.

In the news
September 06, 2018  |  The Register

A proposal for securing BGP – the protocol that lays out the traffic pathways of the internet – has a another backer: NIST, aka America's National Institute for Standards and Technology. The US government agency has issued a discussion paper outlining the use of Route Origin Validation (ROV) to protect the notoriously all-too-trusting Border Gateway Protocol (BGP) from route hijacking.