News

In the news
August 25, 2015  |  Inside Cybersecurity

A draft IT security guide for medical devices developed by the National Institute of Standards and Technology should undergo an exercise to see how it aligns with existing health-sector cybersecurity regulations, a NIST official said Tuesday.

In the news
August 25, 2015  |  FCW

The National Cybersecurity Center of Excellence, part of the National Institute of Standards and Technology, is seeking comments on a security guide for power companies.

The "Identity and Access Management for Electric Utilities" guide aims to help energy companies keep their systems safer by using better, centralized identity management.

In the news
August 25, 2015  |  Inside Cybersecurity

The National Cybersecurity Center of Excellence has issued for public comment a draft guide on identity and access management for the electric sector.

The center, which is part of the National Institute of Standards and Technology, on Tuesday released "Identity and Access Management for Electric Utilities" and is seeking comments by Oct. 23.

In the news
August 25, 2015  |  The Daily Dot

The U.S. government is asking energy experts and the general public to weigh in on a new plan to protect the power grid from cyberattacks.

The draft proposal, titled "Identity and Access Management for Electric Utilities," is the result of a partnership between energy companies' security teams and the National Cybersecurity Center of Excellence (NCCoE), a division of the National Institute of Standards and Technology (NIST).

In the news
August 25, 2015  |  ExecutiveGov

The National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence has opened the comment period for a draft guide on access control measures for energy companies to reduce cyber risk.

NIST said Tuesday the “Identity and Access Management for Electric Utilities” guide is based on NCCoE’s discussions with the energy sector on cybersecurity challenges.

In the news
August 25, 2015  |  EnergyWire

The National Institute of Standards and Technology is stepping up its efforts to help energy companies keep their critical networks under lock and key.

The nonregulatory agency announced yesterday that it's seeking input on a draft how-to guide for managing access to electric utilities, from their physical control rooms to any Internet-connected computers.

In the news
August 24, 2015  |  ComputerWorld

U.S. electric utilities should pay close attention to their authentication systems and access controls to reduce data breaches, a government agency says in a new cybersecurity guide.

About 5 percent of all cybersecurity incidents that the U.S. Department of Homeland Security's industrial control cyber team responded to in 2014 were tied to weak authentication, said the U.S. National Institute of Standards and Technology (NIST). Another four percent of industrial control incidents were related to abuses of access authority, the agency said.

In the news
August 24, 2015  |  SANS Institute Newsletter

The US National Institute of Standards and Technology (NIST) has released "Identity and Access Management for Electric Utilities," a draft guide to cybersecurity for US electric utilities. The guide describes a centralized access control system developed by NIST's National Cybersecurity Center of Excellence's (NCCoE). NIST is accepting comments on the document until October 23, 2015. 

In the news
August 24, 2015  |  CIO

U.S. electric utilities should pay close attention to their authentication systems and access controls to reduce data breaches, a government agency says in a new cybersecurity guide.

The new cybersecurity guide, released in draft form by NIST's National Cybersecurity Center of Excellence (NCCoE) Tuesday, focuses on helping energy companies reduce their cybersecurity risks by showing them how they can control access to facilities and devices from a single console.

Announcements
August 24, 2015

The National Cybersecurity Center of Excellence (NCCoE) is requesting comments on a draft guide to help energy companies better control who has access to their networked resources, including buildings, equipment, information technology and industrial control systems. The center, part of the U.S. Commerce Department’s National Institute of Standards and Technology (NIST), works with IT developers and providers to help businesses reduce their cyber risk.