In The News

Below are the latest news stories highlighting the NCCoE. The following links to external websites are curated for your convenience. Inclusion of these stories does not imply NCCoE endorsement or responsibility for the content found on these external websites.

In the news
May 19, 2021  |  Federal News Network

Feds will eventually travel again on business. And when they do, their personal data will end up in property management systems. The systems hotels use to manage and book space. Turns out these systems are vulnerable to hackers seeing personal information. Now the National Institute of Standards and Technology has released results of focused work with the industry to help the situation. Joining Federal Drive with Tom Temin with more, National Cybersecurity Center of Excellence engineer Bill Newhouse.

In the news
May 18, 2021  |  JD Supra

On May 12, 2021, President Biden issued Executive Order No. 14028, entitled “Improving the Nation’s Cybersecurity”, setting out new and enhanced cybersecurity standards for federal government agencies and the commercial software products utilized by them. The Biden administration’s order comes in the wake of increasingly damaging and sophisticated cyber-attacks on American companies and infrastructure.

In the news
May 17, 2021  |  Nextgov

One primary consideration should drive implementation: who gets to see what content? 

In the news
May 14, 2021  |  Mirage News

Used in cyberattacks that can paralyze organizations, ransomware is malicious software that encrypts a computer system’s data and demands payment to restore access. To help organizations protect against ransomware attacks and recover from them if they happen, the National Institute of Standards and Technology (NIST) has published an infographic offering a series of simple tips and tactics.

In the news
May 12, 2021  |  Spectrum News

In the aftermath of the recent Colonial Pipeline hack, which caused the shutdown of the United States’ largest pipeline system for refined oil products, President Joe Biden signed an executive order to help shore up the nation’s cybersecurity and protect government networks.

In the news
May 12, 2021  |  Tripwire

In 2019, the hospitality industry suffered 13 percent of all data breaches, ranking third highest among targeted industries. It was two years later when NIST released SP 1800-27: Securing Property Management Systems to help hoteliers secure their Property Management Systems (PMS) and associated patron data. The National Cybersecurity Center of Excellence (NCCoE) at NIST collaborated with cybersecurity solutions providers and the hospitality business community to create a zero-trust example implementation framework under which a PMS and related systems could be secured using existing off-the-shelf and open-source solutions.

In the news
May 11, 2021  |  Cybersecurity & Infrastructure Security Agency

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are aware of a ransomware attack affecting a critical infrastructure (CI) entity—a pipeline company—in the United States. Malicious cyber actors deployed DarkSide ransomware against the pipeline company’s information technology (IT) network.[1] At this time, there is no indication that the entity’s operational technology (OT) networks have been directly affected by the ransomware.

In the news
May 06, 2021  |  Security Boulevard

The National Institute of Science and Technology (NIST) says that public-key encryption, digital signatures, and secure key exchange “are the heart and blood” of digital identity and trust. These support numerous online applications and services critical to our economy, safety, and way of life.

In the news
May 05, 2021  |  Palo Alto Networks

Ensuring the underlying security of our 5G-dependent future is a generational challenge and Palo Alto Networks is committed to being at the forefront. We’re honored to announce our selection as a technology partner in the National Cybersecurity Center of Excellence (NCCoE) 5G Cybersecurity project. 

In the news
May 04, 2021  |  JD Supra

NIST Requests Comment on its Mobile Device Security Practice Guide; NIST Requests Comment on its IoT Cybersecurity Practice Guide for Distributed Energy Resources