In the news
November 11, 2016  |

The document is the first in a series of planned profiles that will help maritime industry organizations make the most of the voluntary Framework for Improving Critical Infrastructure Cybersecurity, published by NIST in February 2014. The profile pulls into one document recommended  safeguards to provide a starting point for organizations to review and adapt their risk management processes, and it describes a desired minimum state of cybersecurity.

In the news
November 11, 2016  |  SC Magazine

The dangers involved in shifting volatile liquids from ship to shore may not appear to have a cybersecurity angle, but according to the U.S. Coast Guard (USCG) many transfter facilities are computer controlled and thus vulnerable to cyberattack. With this in mind the USCG, National Institute of Standards and Technology (NIST) and the maritime industry came together to create a voluntary framework to help protect these computer systems. 

Press Releases
November 10, 2016  |  NIST

The U.S. Coast Guard (USCG) oversees approximately 800 waterfront facilities that, among other activities, transfer hazardous liquids between marine vessels and land-based pipelines, tanks or vehicles. These “maritime bulk liquid transfers” increasingly rely on computers to operate valves and pumps, monitor sensors and perform many other vital safety and security functions. This makes the whole system more vulnerable to cybersecurity issues ranging from malware to human error, and is the reason behind a new voluntary cybersecurity guide for the industry.

November 10, 2016  |  Tania Copper

On Wednesday November 9, 2016, the National Cybersecurity Center of Excellence (NCCoE) hosted “Cybersecurity in the Health Community,” part of the NCCoE Speaker Series. The event brought together a variety of cybersecurity professionals to the NCCoE campus to further the discussion on cybersecurity in the healthcare environment.

In the news
November 10, 2016  |  Data Privacy & Security Insider

The National Cybersecurity Center of Excellence (NCCoE) has released a draft Project Description for the manufacturing sector entitled: Capabilities Assessment for Securing Manufacturing Industrial Control Systems. This document is the first of a four-part series and addresses only behavioral anomaly detection capabilities. NCCoE is seeking comment on the guidance until December 7, 2016.

In the news
November 08, 2016  |  Cyberscoop

In a release Monday, the National Cybersecurity Center of Excellence said they were seeking comment by Dec. 7 on their draft project description: Capabilities Assessment for Securing Manufacturing Industrial Control Systems.

Industrial control systems, or ICS, are specialized IT systems — with both software and hardware elements — that run industrial processes. Because ICS controls physical plant like factory assembly lines or chemical processing, hackers can have real world effects by attacking it.

In the news
November 07, 2016  |  Inside Cybersecurity

Federal officials will discuss healthcare cybersecurity, oil and gas security, and more following Election Day, while numerous industry events around the world this week will tackle issues from data protection to federal agency IT security. On Wednesday at the National Cybersecurity Center of Excellence in Rockville, MD, Suzanne Schwartz, the Food and Drug Administration's lead on medical device cybersecurity, will speak on cybersecurity in the healthcare sector.

In the news
November 07, 2016  |  SC Magazine

The U.S. National Cybersecurity Center of Excellence (NCCoE) and the National Institute of Standards and Technology (NIST) released a draft guide that examines methods of making email more secure. The guide, entitled DNS-Based Email Security, examines the Domain Name System Security Extensions (DNSSEC) specifications and DNS-Based Authentication of Named Entities (DANE) protocol.

In the news
November 03, 2016  |  Inside Cybersecurity

The National Institute of Standards and Technology's National Cybersecurity Center of Excellence on Wednesday issued a new draft NIST Cybersecurity Practice Guide on Domain Name Systems-Backed Electronic Mail Security, offering a security protocol to ensure trusted email exchanges.

The guide, which is available for public comment through Dec. 19, outlines a “proof of concept security platform” that improves email security and defenses against email-focused cyber attacks such as phishing schemes.

Press Releases
November 02, 2016  |  Susan Prince

The National Cybersecurity Center of Excellence (NCCoE) invites comments on a draft practice guide to help organizations improve email security and defend against phishing, man-in-the-middle, and other types of email-based attacks. The draft guide, Domain Name Systems-Based Electronic Mail Security (NIST Special Publication 1800-6), demonstrates how commercially available technologies can help email service providers improve the security of email communications.