The public/private partnership is alive and folks at NIST, the National Cybersecurity Center of Excellence and others have recently revised guidelines to help modernize, looking at open standards such as OAuth, Fast Identity Online (FIDO), OpenID and others to try and help solve this problem. Biometric identity authentication on a government-trusted device, and the use of a FIPS-validated hardware token like the Yubico Yubikey for replacement of a CAC or PIV card will make agency life easier on the path to IT modernization.
News
In the news
May 24, 2018 |
Critical infrastructure is dependent on electricity. If the electric grid were shut down by a cyberattack, crucial functions of daily life ranging from ATM and online banking transactions to heating and cooling your homes – and shopping for food and gasoline – would come to a halt. The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence collaborates with utility companies, technology vendors, government agencies and academia to produce example solutions. These solutions can then be adopted by the energy sector and tailored to their environment to address cybersecurity challenges.
In the news
May 17, 2018 |
Yubico’s recent collaboration with the U.S. National Institute of Standards (NIST) and National Cyber Center of Excellence (NCCoE) resulted in a three-volume draft practice guide for the improvement of mobile authentication methods for public safety professionals and first responders. In emergency situations, time is of the essence. Minutes and even seconds can sometimes mean the difference between life and death. The joint project was developed with this in mind, with the ultimate goal of creating reliable and secure mobile platforms that can be quickly accessed.
In the news
May 16, 2018 |
The National Institute of Standards and Technology (NIST) has announced that it will be seeking industry input on developing use cases for its framework of cybersecurity standards related to patient imaging devices. NIST’s latest announcement is directed at eventually providing security guidance for the healthcare sector’s most common uses of data.
In the news
May 09, 2018 |
The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence today issued a request for technical expertise and products to help improve the cybersecurity of Picture Archiving and Communications Systems, widely used for treatment and diagnosis in hospitals. In a Federal Register notice, NIST “invites organizations to provide products and technical expertise to support and demonstrate security platforms” for the cybersecurity of PACS, which comprise medical imaging technology used for storing and presenting images produced by MRIs, X-rays, CT scanners, and other devices.
In the news
May 08, 2018 |
Working with the private sector, NIST’s National Cybersecurity Center of Excellence created a platform that uses Domain Name System security extensions and authentication to ensure the validity of email signatures. In two separate test scenarios NIST ran, a fraudulent actor attempted to pose as a trusted email source, and the security platform thwarted the spoofing attack.
In the news
May 01, 2018 |
This article discusses how the National Cybersecurity Center of Excellence (NCCoE) develops practical and usable cybersecurity guidance that can be adopted across industries, including the healthcare sector. The NCCoE works across public-private partnerships to create the National Institute of Standards and Technology (NIST) Special Publication (SP)1800 Series practice guides that are focused on specific industry challenges that companies can adopt for use.
In the news
May 01, 2018 |
Surveillance technologies may also help improve cybersecurity protections, enabling organizations to closely monitor and mitigate threats. In industries such as healthcare, finance, hospitality or electrical power, there are federal oversight recommendations and guidance published by NIST and the National Cybersecurity Center of Excellence (NCCoE) that can help organizations improve cybersecurity and privacy protections.
Blog
April 30, 2018 |
The National Cybersecurity Center of Excellence’s (NCCoE’s) most recent practice guide, Mobile Application Single Sign-On: Improving Authentication for Public Safety First Responders, aims to provide first responders with an efficient and secure means to access information from portable devices. This guide approaches security and efficiency from four angles: multifactor authentication (MFA), single sign-on (SSO), identity federation, and well-established standards.
In the news
April 27, 2018 |
The National Institute of Standards and Technology is seeking industry proposals for demonstrating technologies and methods for protecting the integrity of data against ransomware and other malware attacks, as part of a broader project managed by the agency's National Cybersecurity Center of Excellence. Specifically, NIST is seeking industry proposals for “identifying and protecting assets” and “detecting and responding” to ransomware and other “destructive events,” according to a Federal Register notice issued today.