In The News

In the news
August 26, 2015  |  FierceGovernmentIT

The National Cybersecurity Center of Excellence is urging utility companies to change decentralized identity management practices at their facilities to shore up a weak link against online attack.

The NCCoE, which is a partnership of the National Institute of Standards and Technology, Maryland and Montgomery County, released a draft guide to walk utility companies through the process of setting up a single identity management system that can work for employees no matter which department they work under.

In the news
August 25, 2015  |  FCW

The National Cybersecurity Center of Excellence, part of the National Institute of Standards and Technology, is seeking comments on a security guide for power companies.

The "Identity and Access Management for Electric Utilities" guide aims to help energy companies keep their systems safer by using better, centralized identity management.

In the news
August 25, 2015  |  Inside Cybersecurity

A draft IT security guide for medical devices developed by the National Institute of Standards and Technology should undergo an exercise to see how it aligns with existing health-sector cybersecurity regulations, a NIST official said Tuesday.

In the news
August 25, 2015  |  The Daily Dot

The U.S. government is asking energy experts and the general public to weigh in on a new plan to protect the power grid from cyberattacks.

The draft proposal, titled "Identity and Access Management for Electric Utilities," is the result of a partnership between energy companies' security teams and the National Cybersecurity Center of Excellence (NCCoE), a division of the National Institute of Standards and Technology (NIST).

In the news
August 25, 2015  |  Inside Cybersecurity

The National Cybersecurity Center of Excellence has issued for public comment a draft guide on identity and access management for the electric sector.

The center, which is part of the National Institute of Standards and Technology, on Tuesday released "Identity and Access Management for Electric Utilities" and is seeking comments by Oct. 23.

In the news
August 25, 2015  |  EnergyWire

The National Institute of Standards and Technology is stepping up its efforts to help energy companies keep their critical networks under lock and key.

The nonregulatory agency announced yesterday that it's seeking input on a draft how-to guide for managing access to electric utilities, from their physical control rooms to any Internet-connected computers.

In the news
August 25, 2015  |  GCN

Federal IT professionals used to be able to depend on keeping their information safe in secure on-premise data centers, but times have changed. Traditional data centers could be depended upon for consistent control, visibility and security, but today’s cloud-based centers offer new variants of those capabilities – a fact that IT administrators struggle with every day.

In the news
August 25, 2015  |  ExecutiveGov

The National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence has opened the comment period for a draft guide on access control measures for energy companies to reduce cyber risk.

NIST said Tuesday the “Identity and Access Management for Electric Utilities” guide is based on NCCoE’s discussions with the energy sector on cybersecurity challenges.

In the news
August 24, 2015  |  SANS Institute Newsletter

The US National Institute of Standards and Technology (NIST) has released "Identity and Access Management for Electric Utilities," a draft guide to cybersecurity for US electric utilities. The guide describes a centralized access control system developed by NIST's National Cybersecurity Center of Excellence's (NCCoE). NIST is accepting comments on the document until October 23, 2015. 

In the news
August 24, 2015  |  ComputerWorld

U.S. electric utilities should pay close attention to their authentication systems and access controls to reduce data breaches, a government agency says in a new cybersecurity guide.

About 5 percent of all cybersecurity incidents that the U.S. Department of Homeland Security's industrial control cyber team responded to in 2014 were tied to weak authentication, said the U.S. National Institute of Standards and Technology (NIST). Another four percent of industrial control incidents were related to abuses of access authority, the agency said.