In The News

Below are the latest news stories highlighting the NCCoE. The following links to external websites are curated for your convenience. Inclusion of these stories does not imply NCCoE endorsement or responsibility for the content found on these external websites.

In the news
September 30, 2015  |  HealthITSecurity

The National Institute of Standards and Technology (NIST) recently published draft guidance on how organizations can improve their approach to data security.

The guide discusses how using an attribute based access control (ABAC) system could be more flexible and efficient, and also why this approach may be preferred over using a role-based access control (RBAC) system. The National Cybersecurity Center of Excellence (NCCoE) is currently accepting comments on the draft, a NIST release stated.

In the news
September 30, 2015  |  FierceGovernmentIT
In what NIST has dubbed a "practice guide," agencies have information to help them recreate an example solution, which is based on commercial technologies and references NIST standards and industry best practices.
The guide comes out of a public-private partnership called the National Cybersecurity Center of Excellence.
In the news
September 29, 2015  |  AFCEA

As part of its efforts to provide practical solutions to real-world cybersecurity challenges, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) is requesting comments on a draft guidance to help organizations better control access to information systems.

In the news
September 28, 2015  |  RSA
Today, we’re witnessing a big step forward in this effort. The National Cybersecurity Center of Excellence (NCCoE) – part of the Federal government’s National Institute of Standards and Technology (NIST) – is releasing a draft NIST Cybersecurity Practice Guide SP 1800-3, demonstrating the use of Attribute Based Access Control (ABAC).
In the news
September 27, 2015  |  Lexology

It’s no surprise that the National Cybersecurity Center of Excellence (NCCOE) has extended the public comment period for one of its newest guides, “Securing Electronic Health Records on Mobile Devices.” The five-part publication is one of the most detailed and potentially powerful resources that the NCCOE has released in recent memory, and it serves as one of the most comprehensive manuals to address the protection of patient information records, with a particular focus on securing mobile technology.

In the news
September 08, 2015  |  FierceGovernmentIT

Cybersecurity is such an immense challenge, no single federal entity can make considerable progress on its own.

But one of the most responsive and cutting-edge programs is the National Cybersecurity Center of Excellence because it can drill into new focus areas as the threat landscape changes, he said.

Established in 2012, the NCCoE brings together government, industry and academia to develop and implement cybersecurity standards, best practices and tools, said Stein. Twenty-two industry partners have pledged a continuous presence at NCCoE.

In the news
August 27, 2015  |  Metering & Smart Energy International

In the US, the National Cybersecurity Center of Excellence (NCC0E) has released a draft guide for utilities as part of a drive to move away from decentralised identity management practices. 

The guide, Identity and Access Management for Electric Utilities, could help energy companies reduce their risk by showing them how they can control access to facilities and devices from a single console.

In the news
August 26, 2015  |  Nextgov

The federal government wants utilities companies to keep people from gaining unauthorized access to buildings, networks, data and control systems and potentially triggering power outages.

In a new guide, the National Institutes of Standards and Technology aims to teach energy companies to protect their digital and physical assets by using a platform that could let them see who has access to any part of a system at any time. 

In the news
August 26, 2015  |  FierceGovernmentIT

The National Cybersecurity Center of Excellence is urging utility companies to change decentralized identity management practices at their facilities to shore up a weak link against online attack.

The NCCoE, which is a partnership of the National Institute of Standards and Technology, Maryland and Montgomery County, released a draft guide to walk utility companies through the process of setting up a single identity management system that can work for employees no matter which department they work under.

In the news
August 25, 2015  |  EnergyWire

The National Institute of Standards and Technology is stepping up its efforts to help energy companies keep their critical networks under lock and key.

The nonregulatory agency announced yesterday that it's seeking input on a draft how-to guide for managing access to electric utilities, from their physical control rooms to any Internet-connected computers.