News

In the news
March 04, 2017  |  Newsweek

The grid has been vulnerable physically for decades. Today, we are just beginning to understand the seriousness of an emerging threat to the grid’s cybersecurity. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy. But its computerized control could be abused by attackers who get into the systems.

In the news
March 02, 2017  |  The National Law Review

The National Cybersecurity Center of Excellence (NCCoE) released a draft of the National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide, Special Publication 1800-7: "Situational Awareness for Electric Utilities." The Practice Guide includes a model solution that can be used by electric sector companies to alert their staff to potential or actual cyber attacks.  

In the news
February 27, 2017  |  ForeScout

ForeScout is pleased to announce our partnership with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST). This week, we signed a Memorandum of Understanding with NCCoE to formalize our already fruitful relationship. With NCCoE, alongside government and industry partners, we help refine existing security architectures and innovate to solve future cybersecurity challenges. It is truly a unique kind of public-private collaboration.

In the news
February 23, 2017  |  The Conversation

Security standards can help ensure utility companies keep their protection strong. The U.S. National Institute of Standards and Technology has its own recommendations, though they are not mandatory for utilities. A draft version of a new set of guidelines was just released, adding both urgency and detail for utility companies.

In the news
February 23, 2017  |  Waratek

Waratek, along with a group of companies including Hewlett Packard Enterprise, Siemens, and RSA, worked closely with the National Cybersecurity Center of Excellence (NCCoe) to develop an example solution for electric companies to alert their staff to potential or actual cyberattacks directed at the grid. The example draft outlines the implementation of this solution and comments from the public are sought until April 17, 2017.

In the news
February 17, 2017  |  Inside Cybersecurity

The National Institute of Standards and Technology has released for public comment a draft guide for electric utilities to detect and remediate cyber anomalies, investigate those incidents and share findings with other energy companies. The draft guide on “Situational Awareness for Electric Utilities” was developed by NIST's National Cybersecurity Center of Excellence with input from industry, and provides an “example solution” to help utilities alert staff to potential and actual cyber attacks on the electric grid.

Blog
February 16, 2017  |  NIST

As part of their current cybersecurity efforts, many electric utilities monitor data from the various systems and devices they rely on to keep the power flowing and to secure both their information technology and facilities. Pulling these data together and correlating events across data streams can be a time-consuming process, so the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology collaborated with a team of experts from industry, academia and government to develop a guide utilities can use to improve situational awareness and better respond to potential cyber attacks.

Blog
February 09, 2017  |  Sarah Kinling

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute for Standards and Technology (NIST), will demonstrate its current projects in San Francisco Feb. 13-17 at the RSA Conference and Orlando Feb 19-23 at the Healthcare Information and Management Systems Society Annual Conference & Exhibition (HIMSS17).

Blog
December 22, 2016  |  William Fisher and Marc Schneider

At approximately 7:00 a.m. ET on October 21, popular websites on the east coast appeared to go down, propelling a new type of distributed denial of service (DDoS) attack into the public spotlight. The malware involved in this incident, named Mirai leveraged Internet of Things (IoT) devices, such as DVRs and IP cameras, to form botnets. These botnets were used to target and disrupt core Internet services from domain name system (DNS) provider Dyn. As a malware strain, Mirai was already well known.

In the news
December 20, 2016  |  Inside Cybersecurity

The National Institute of Standards and Technology has announced a new opportunity for industry collaboration on multifactor authentication technology, in an effort to increase the security of online identities and reduce risk of online fraud.