ATARC Federal Mobile Computing Summit

Tuesday, April 5, 2016

NCCoE IT Security Specialist Joshua Franklin will lead a collaboration session on "Mobile App Vetting Strategy" at the ATARC Federal Mobile Computing Summit at the Grand Hyatt in Washington, D.C.

Mobile App Vetting Strategy: 1:40pm-3:45pm

Joshua Franklin, IT Security Specialist, NCCoE
Tim LeMaster, Director, Systems Engineering, Lookout
Carlton Northern, Lead Information Systems Engineer, MITRE
Mike Peck, Lead Cyber Security Engineer, MITRE

About the Session:
Creating and sustaining a mobile application vetting capability within an organization can be an expensive and time consuming prospect. For agencies that don’t have many apps to vet, this can lead to a negative return on its investment. This session will investigate what it takes to stand up a mobile app vetting capability within an organization and explore the concept of creating a public/private partnership between the government and private sector to establish app vetting standards & criteria, provide “approved” criteria for vendors, evaluate app vetting tools for effectiveness and establish joint (government/commercial) app vetting service providers/labs to “certify” apps, e.g., “UL Certified.”

Federal Labs Technology Demonstrations and Discussions

Tuesday, March 29, 2016

NCCoE Security Engineer Bill Fisher will present "ABAC: Run-time Access Control for Federated Identities" during the NIST session from 8:30am-12:00pm at the Federal Labs Technology Demonstrations and Discussions in College Park, Md.

Enterprises rely upon strong access control mechanisms to ensure that corporate resources (e.g. applications, networks, systems, and data) are not exposed to anyone other than an authorized user. As business requirements change, enterprises need highly flexible access control mechanisms that can adapt. The application of attribute based policy definitions enables enterprises to accommodate a diverse set of business cases, to include identities federated from external security domains. The NCCoE has published NIST SP 1800-3 Practice Guide, detailing an approach that the NCCoE took in developing an ABAC reference architecture and build. This demonstration will showcase commercially available technology used by the NCCoE to federate identity and attribute information and to make access decisions utilizing attribute based policy definitions. 

National Cybersecurity Center of Excellence Building Dedication Event

Sunday, February 7, 2016

On Feb. 8, 2016, the National Cybersecurity Center of Excellence (NCCoE) celebrated its move to expanded new facilities with a building dedication and expert panel discussions featuring senior elected and government officials and the CEOs and presidents of several large companies.

NCCoE staff and partners demonstrated several of the center’s current projects that address challenges faced by many organizations, such as access control, mobile device security, online identity authentication, data integrity, situational awareness, and IT asset management. The 5,574 square-meter (60,000 square-foot) facility has 22 labs, including two large enough to hold vehicles for cybersecurity testing.

Please see the NCCoE's recap of the event and NIST Director Willie May's article, Strengthening Public-Private Cooperation on Cybersecurity's Toughest Issues.


11:30 AM - Ribbon Cutting and Remarks, hosted by NIST Director Willie May. Participants: U. S. Department of Commerce Secretary Penny Pritzker, Senator Barbara Mikulski, Senator Ben Cardin, Rep. John Delaney, Rep. John Sarbanes, MD Lt. Governor Boyd Rutherford, Montgomery County Executive Ike Leggett

12:15 PM - Remarks by NIST/NCCoE officials

12:30 PM - Panel: How to Keep America Open for Business and Increase Consumers' Cybersecurity Confidence, moderated by Dean Garfield, ITI. Participants: Secretary Pritzker, Symantec CEO Michael Brown, and RSA President Amit Yoran 

1:10 PM - Lunch

1:35 PM - Remarks by U.S. Department of Homeland Security Deputy Secretary Alejandro N. Mayorkas

1:45 PM - Panel: Importance of Collaborating to Build Trust in the Digital Infrastructure: Successes to Date and New Efforts, moderated by Michael Daniel, Special Assistant to the President and White House Cybersecurity Coordinator. Participants: New York Power Authority CEO Gil Quiniones; Intel Associate General Counsel and Global Privacy Officer David Hoffman; HIMSS Vice President of Technology Solutions Lisa Gallagher; NIST Chief Cybersecurity Advisor and NCCoE Director Donna Dodson

2:45 PM - Demos, posters, and limited tours of NCCoE labs (Exhibition Hall)

3:30 PM - Event concludes

CES 2016

Tuesday, January 5, 2016 to Friday, January 8, 2016

Representatives from the NCCoE were in attendance for the 2016 Consumer Electronics Show in Las Vegas, NV.

HIMSS Conference and Exhibition

Sunday, February 28, 2016 to Thursday, March 3, 2016

The NCCoE will be co-exhibiting with NIST at the Healthcare Information and Management Systems Society (HIMSS) Conference and Exhibition from Feb. 29 to March 4, 2016 at the Sands Expo in Las Vegas, NV. 



Securing Electronic Health Records on Mobile Devices with Gavin O’Brien, Computer Scientist, NCCoE
Wednesday, March 2, 11:30 am – 12:00 pm
Federal Health IT Solutions Pavilion, Booth 10109
Sands Expo Center
Learn how the NCCoE and technology vendors built an example solution to better secure mobile devices that interact with patient health information.

Wireless Infusion Pumps: Securing Hospitals’ Most Ubiquitous Medical Device with Gavin O’Brien, Computer Scientist, NCCoE
Thursday, March 3, 11:30am-12:00pm
Cybersecurity Command Center, Booth 9908
Sands Expo Center
Learn more about how to successfully secure wireless infusion pumps.



Visit the NCCoE in the Federal Health IT Solutions Pavilion, booth #10109 to learn more about how the NCCoE is working to secure Health IT systems and to have a personal demonstration of our Health IT practice guides.

RSA Conference 2016

Sunday, February 28, 2016 to Thursday, March 3, 2016

The NCCoE will be participating with NIST at the RSA Conference 2016 at Moscone Center in San Francisco, CA.



CyberMaryland at RSA: Global Partnership Luncheon with Nate Lesser, NCCoE Deputy Director
Tuesday, March 1, 11:30AM - 1:30PM
Hyatt Regency Embarcadero, 5 Embarcadero Center, San Francisco, CA 94111
Discover new business development opportunities and ways to get involved with NCCoE.

Integrating Cybersecurity into Supply Chain Risk Management with Jon Boyens, NIST Cyber Supply Chain Risk Management Program Manager
Wednesday, March 2, 9:10AM-10:00AM
Moscone Center, West, Room 2014

Wireless Infusion Pumps: Securing Hospitals' Most Ubiquitous Medical Device with Nate Lesser, NCCoE Deputy Director 
Wednesday, March 2, 11:30AM - 12:20PM
Moscone Center, West, Room 3018
Learn more about how to successfully secure wireless infusion pumps.

Privacy Risk and Control Design: NIST's Framework for Managing Privacy Risk with Naomi Lefkovitz, NIST Senior Privacy Policy Advisor
Friday, March 4, 9:00AM - 9:50AM
Moscone Center, West, Room 2014
Learn from organizations who have used the risk framework to address their unique privacy challenges.


Exhibition Booths and Demonstrations

Visit with NCCoE in the NIST booth (#N5013), and see our live demos:

In the Splunk Booth N3321 on Wednesday, March 2 from 2:30-2:50, Senior Security Engineer Harry Perper will be demonstrating NCCoE's example solution for IT Asset Management.