News

In the news
September 05, 2018  |  Dark Reading

A new draft publication from the NIST National Cybersecurity Center of Excellence (NCCoE) takes aim at security concerns about the Border Gateway Protocol (BGP), the default routing protocol to route traffic among Internet domains. The paper, "Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation," is open for public comment until Oct. 15.

In the news
August 31, 2018  |  MeriTalk

The National Institute of Standards and Technology (NIST) is updating two of its major publications regarding mobile device security, and NIST’s National Cybersecurity Center of Excellence (NCCoE) is expanding into uncharted territory. Representatives from NIST, speaking today at an event hosted by ATARC, discussed why these updates have become so necessary amid an evolving security landscape.

In the news
August 31, 2018  |  MedTech Dive

The National Institute of Standards and Technology (NIST) has released the final version of its guidelines to help healthcare organizations guard against cybersecurity threats to wireless infusion pumps. Wireless infusion pumps face risks ranging from unauthorized access to protected health information to interference with a pump’s function and drug dosing, the agency said.

In the news
August 29, 2018  |  The National Law Review

In recognition of the vulnerability of mobile devices and the daily use of those devices in health care, the National Institute of Standards and Technology (NIST) and the National Cybersecurity Center of Excellence (NCCoE) released a practice guide earlier this month entitled Securing Electronic Health Records on Mobile Devices (NIST Special Publication 1800-1).

In the news
August 28, 2018  |  HealthITSecurity

Wirelessly connecting infusion pumps to point-of-care medication systems and EHRs improves healthcare delivery but also increases cybersecurity vulnerability. If not properly secured, wireless infusion pumps open healthcare delivery organizations (HDOs) to access by hackers, breach of PHI, loss or disruption of equipment and services, and damage to reputation, productivity, and revenue.
 

In the news
August 28, 2018  |  Cision/PRNewswire

StrongKey announced today that it has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a project to help retailers and e-commerce merchants reduce the risk of fraud by implementing multifactor authentication for risky transactions. This past year saw a more than 30 percent increase in e-commerce fraud attacks as online and mobile transactions continued to outpace brick-and-mortar stores. As a result, the NCCoE has just released a draft practice guide NIST Special Publication 1800-17, Multifactor Authentication for E-Commerce.

In the news
August 28, 2018  |  ExecutiveGov

The National Institute of Standards and Technology is seeking feedback regarding a draft practice guide for the use of trusted cybersecurity tools to conduct cloud workloads on hybrid cloud platforms.

In the news
August 28, 2018  |  InfoSecurity

In an effort to reduce online fraud, the National Cybersecurity Center of Excellence (NCCoE), a subdivision of the National Institute of Standards and Technology (NIST), announced it is now accepting feedback on its draft exploring the ways in which multi-factor authentication can help to mitigate fraudulent online purchases.

In the news
August 28, 2018  |  SC Media

SC Media highlights SP 1800-8 Securing Wireless Infusion Pumps and mentions that the guide contains lessons and tips that can help protect the Internet of Medical Things (IoMT).

In the news
August 27, 2018  |  Inside Cybersecurity

The National Institute of Standards and Technology's National Cybersecurity Center of Excellence announced Friday it is accepting comments on a preliminary draft of a “trusted cloud” cybersecurity practice guide. The draft NIST SP 1800-19A, specifically aimed at “VMware hybrid cloud Infrastructure as a Service,” or IaaS, environments, looks to use commercially available technologies to create a reference guide to increase privacy and security in the cloud.