News and Events

October 01, 2017

NCCoE Senior Engineer Harry Perper will present "Ransomware Recovery and Privileged Account Management Improve Resilience" on October 4 from 1:45pm to 2:30pm at the FS-ISAC Fall Summit in Baltimore, Md. Malware and insider threat actors often make use of privileged accounts to enable their activities. Recovery from ransomware is complicated by the lack of consistent and protected file and system back-ups. And access rights policies are difficult to enforce using manual processes. This session will explore  the NCCoE's research and projects related to Data Integrity (ransomware recovery), Access Rights Management, and Privileged Account Management.

September 01, 2017

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence has released for public comment a draft cybersecurity “practice guide” on managing access rights for the financial sector. The NCCoE announced Thursday that it is seeking comment on the guide-- which details ways financial services companies can improve security by limiting employee access to information -- through Oct. 31.

September 01, 2017

National Institute of Standards and Technology (NIST), an agency of the US Department of Commerce promoting innovation and industrial competitiveness, and cybersecurity tech specialist NextLabs have partnered to develop a framework for implementing and administering access rights management (ARM) in the financial services sector.

August 31, 2017

In collaboration with the financial services community and technology collaborators, the National Cybersecurity Center of Excellence (NCCoE) developed draft cybersecurity guidance, NIST Special Publication 1800-9: Access Rights Management for the Financial Services Sector, which uses standards-based, commercially available technologies and industry best practices to help financial services companies provide a more secure and efficient way to manage access to data and system. The draft guide is now open for public comment through October 31, 2017.

August 31, 2017

The National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence has partnered with NextLabs to craft a framework for the agency to implement and administer access rights management guidelines across the financial services industry. NCCoE aims to equip financial institutions with a centralized system to manage and protect disparate identity and access systems from cyber threats, NextLabs said Thursday.

August 17, 2017

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence is working to issue a draft guide on access rights management in the financial sector by the end of September.

June 28, 2017

The NCCoE Financial Services Sector project team will present project updates and engage in discussion to identify adopters and new project ideas with the Investment Company Institute's CISO Subcommittee on June 28.

June 28, 2017

The NCCoE Financial Services Sector project team will meet with FINRA to provide NCCoE project updates and to discuss FINRA collaboration, adoption, and new project ideas.  

June 08, 2017

The NCCoE Financial Services Sector project team will meet with the FS-ISAC Community Institution Council Advisory Group, which includes leaders of the 3,000+ FS-ISAC member grou, to further collaboration between the two organizations.

April 30, 2017

The NCCoE Financial Services project team will attend the FS-ISAC Spring Summit in Orlando April, 30 - May 3. The team will host two tables during the Opening Breakfast on Tuesday, May 2 beginning at 7:00a.m. through the break at 9:45a.m. We invite you to join us at the table where you can meet the team and learn more about the work we're doing at the NCCoE. In addition, if you would like to meet with us individually, we're available for one-on-one meetings. RSVP for the breakfast table or schedule a meeting by emailing financial_nccoe@nist.gov

March 10, 2017

NCCoE cybersecurity engineers Jim Banoczi and Harry Perper will present "Managing Access and Assets for the Financial Services Industry" at the ISSA Mid-Atlantic Information Security Conference on March 10, 2017 at 9:40am at Universities at Shady Grove Conference Center in Rockville, Md. 

February 09, 2017

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute for Standards and Technology (NIST), will demonstrate its current projects in San Francisco Feb. 13-17 at the RSA Conference and Orlando Feb 19-23 at the Healthcare Information and Management Systems Society Annual Conference & Exhibition (HIMSS17).

Individuals and organizations interested in learning more about the NCCoE’s work and how they can participate are encouraged to visit the booth and attend the presentations and demonstrations listed below.

RSA Conference: February 13-17, 2017

October 23, 2016

NCCoE senior engineers Jim Banoczi and Harry Perper will present a session titled "Practical Solutions for Managing Access and Assets" at the 2016 FS-ISAC Fall Summit in Nashville, TN. The session provides an overview of the NCCoE and describe two projects that were identified as significant challenges by FS-ISAC members. The first project outlines a practical solution for identifying and managing IT assets within an organization. The second project, Access Rights Management, addresses how to integrate diverse identity and access management platforms to better control access rights. These projects were initiated through discussions with FS-ISAC members and have broad applicability across the financial sector.

August 22, 2016

NCCoE Chief Engineer Harry Perper will participate in a panel discussion on Cybersecurity for the Financial Sector from 3:15pm-4:00pm at CyberTexas.

February 10, 2016

During his opening remarks, Dr. Willie May, Director of NIST, highlighted Splunk as one of six partners that renewed their commitment to NCCoE. Splunk’s commitment to the center includes providing the NCCoE with technical expertise, products, and outreach assistance. Splunk has committed to supporting NCCoE’s upcoming Financial Services Access Rights Management project with its operational intelligence software platform and technical expertise.

January 13, 2016

Splunk has been working with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on an IT asset management system for the financial sector that uses commercially-available products.

The reference architecture, in which Splunk serves as the Operational Intelligence platform, can help financial institutions reduce their risk by enhancing the visibility of assets, identifying vulnerable assets and enabling faster response to security threats.

December 13, 2015

Bringing together officials from federal agencies, technology companies, commercial organizations and academia, enables us to create unified solutions to address broad cyber challenges of national importance. The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE), which acts as the country’s lab for cybersecurity, is an example of an organization that is continuously bringing together government and industry thought leaders to discuss and collaborate on applied cybersecurity matters.

December 09, 2015

Splunk, Inc., provider of the leading software platform for real-time Operational Intelligence, today announced that Splunk® Enterprise is featured in a guide to help financial institutions mitigate cybersecurity risk. The guide is published and written by the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST).

October 29, 2015

The U.S. NIST (National Institute of Standards and Technology) has released an IT security Practice Guide titled "IT Asset Management". Belarc has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on this cybersecurity project for financial institutions.

As the country's national lab for cybersecurity, the NCCoE brings together people from industry, technology companies, government agencies, and academia to collaborate on applied cybersecurity to address broad challenges of national importance.

October 28, 2015

AlphaPoint Technology, Inc. (OTCBB: APPO) today announced that over the last several months, AlphaPoint Technology has been working closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and...