U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Announcements

NCCoE Showcases Projects at RSA Conference 2022

NIST NCCoE

RSA Conference 2022: Transform

The NCCoE is excited to join our peers and colleagues in person at this year’s RSA Conference 2022 to share our expertise and insights in building a more secure world. From IoT to data security, from supply chain assurance to zero trust and more--innovation in the cybersecurity space will require ongoing collaboration and integrity as the security needs of organizations expand across the globe. In the spirit of increasing this engagement, the NCCoE will share insights from its laboratories and interface with other industry experts. Read more below to learn about the topics our engineers will be discussing at RSAC this year:

RSA 2022 Graphic

Presentations

Monday, June 6

Validating the Integrity of Computing Devices

9:40 A.M. - 10:30 A.M. (PDT)

It is essential for organizations to ensure the integrity and resiliency of supply chains for their IT products. In this session, the NIST NCCoE Supply Chain Assurance Project and industry collaborators will showcase how organizations can verify that the internal components of their purchased computing devices are genuine and have not been altered during the manufacturing and distribution processes.

Learn more about this session.

 

Inside the Making of a Zero Trust Architecture

10:50 A.M. - 11:40 A.M. (PDT)

The lead authors/contributors of NIST’s SP 800-207, Zero Trust Architecture are bringing their Zero Trust tenets and principles to life in a demonstration project at the National Cybersecurity Center of Excellence. Learn what’s working, what’s challenging, and what companies might want to consider when designing and building a Zero Trust Architecture.

Learn more about this session.

 

Measuring the Difference: Metric Development at NCCoE's Securing AI Testbed

1:10 P.M. - 2:00 P.M. (PDT)

AI-enabled technology is rapidly being adopted in nearly all industries. New attacks and defenses to AI are also growing. As a result, it can be hard to know how resilient these technologies are. Come see NCCoE’s Securing AI Testbed in action! This session will demonstrate measuring successful defenses against corresponding attacks and applying it to various hypothetical industry adoptions of AI-enabled technology.

Learn more about this session.

 

New Guidelines for Enhancing Software Supply Chain Security Under EO 14028

2:20 P.M. - 3:10 P.M. (PDT)

This session will review new guidelines under EO 14028. The National Institute of Standards and Technology, in consultation with industry and other Federal agencies, is completing standards and guidelines updates and new software supply chain security requirements affecting software acquisition. The initiatives apply to the full Federal software supply chain, including consumer software and IoT devices.

Learn more about this session.

 

Tuesday, June 7

Caterpillars to Butterflies: Transforming the Privacy Workforce

1:15 P.M. - 2:05 P.M. (PDT)

In today’s dynamic, data-driven environment, a skilled, knowledgeable, and collaborative workforce capable of managing privacy and security risks is essential. Attendees will learn from leading experts how to overcome challenges and utilize tools to transform the organization’s privacy staff from a compliance-oriented team to a cross-organizational, interdisciplinary risk management workforce.

Learn more about this session.

 

Users Are Not Stupid: Eight Cybersecurity Pitfalls Overturned

1:15 P.M. - 2:05 P.M. (PDT)

Whether implementing security policy or developing products, it is critical for security teams to consider the human element. Yet they often fall victim to misconceptions and pitfalls that undermine users’ ability to reach their full security potential. NIST’s Julie Haney will share real-world examples to help attendees learn to recognize and overcome these pitfalls to improve security through user empowerment.

Learn more about this session.

 

Wednesday, June 8

Put a Label on It! Protecting IoT by Empowering Consumers

8:30 A.M. - 9:20 A.M. (PDT)

IoT cybersecurity labels enable consumers to make risk-informed purchasing decisions. This wide-ranging panel will explore the state of industry and government IoT cybersecurity labeling efforts and discuss technical pitfalls in product certification and label design as well as economic and regulatory implementation challenges of a national labeling regime. A must for those who buy or sell consumer IoT.

Learn more about this session.

 

Protecting Against Evolving Threats to Global Shipping Infrastructure

8:30 A.M. - 9:20 A.M. (PDT)

American Petroleum Institute and MITRE will detail how energy resource impacts the global supply chain and showcase the important collaborative efforts with the Department of Energy and National Institute of Standards and Technologies. These efforts focus on protection of critical infrastructure within the vital Marine Transportation System and overall global supply chain.

Learn more about this session.

 

Time is Running Out: Post Quantum Cryptography Call to Action SAFECode/NIST

2:25 P.M. - 3:15 P.M. (PDT)

Quantum computing advancements are rapidly developing. Modern cryptography currently being used for security is vulnerable to these developing innovations. Industry must prepare now for the transition to Post Quantum Cryptography. Immediate and short-term actions can and should be taken now to prepare. SAFECode will lead a discussion with NIST on guidance for how industry can get started.

Learn more about this session.

 

*More information will be added to this page as it is announced.