Through research and engagement with industry and the technology community, the NCCoE has identified several cybersecurity areas of interest for potential projects. The NCCoE seeks to address businesses' most-pressing cybersecurity issues. We present the following ideas for your consideration and encourage feedback on these ideas to assist in understanding specific challenges and needs. Comments received may be used to help define challenge statements, explore similar challenges, or move an idea into the project phase.
This draft project description addresses an integrated set of authentication mechanisms, improving system security, usability and safety for law enforcement vehicle systems. By integrating simplified identity and authentication technologies, based on proximity, biometrics, tokens, or other similar technologies, with readily available integrated reduced-sign-on (RSO) tools, law enforcement organizations can enhance mission effectiveness, improve officer safety, and, through more consistently applied security controls, reduce risk to sensitive back-end databases and systems. Learn more about this project idea.
This concept paper outlines several areas of interest and desired outcomes for potential projects to advance the adoption of sound security principles and best practices related to the identification, authentication, and authorization for devices in the Internet of Thing (IoT) space. The NCCoE asks stakeholders and potential collaborators to help identify models, methodologies, protocols, best practices, or standards from other industries that may be relevant to securing smart home technology. NCCoE cybersecurity engineers will review comments on an ongoing basis. Learn more and provide feedback on this potential project.
This draft project description addresses securing non-credit card, sensitive consumer data through data masking and tokenization to improve the security of data transmitted and stored during commercial payment transactions, as well as data shared internally within a retail organization and externally with business partners. Learn more about this project idea.
This project description explains a standardized approach for collecting software inventory data across an organization’s network that helps mitigate risks by revealing vulnerabilities. Learn more about this project idea.