In the news
April 28, 2017  |  GCN

The effort to provide government workers who use mobile devices with personal identity verification credentials is picking up momentum, with programs in both the civilian and military sectors starting to deliver on earlier promises. NIST, for example, released guidelines for derived PIV credentials nearly two years ago, basically an update to Special Publication 800-157, which describes ways to implement credentials on mobile devices. More recently, the Derived PIV Credentials Project  from NIST’s National Cybersecurity Center of Excellence (NCCoE) will build on SP 800-157 and describe practice guides that agencies can use to start implementing a derived credential program.

In the news
April 25, 2017  |  The Cyber Edge

The National Institute of Standards and Technology's National Cybersecurity Center of Excellence (NCCoE) actively reaches out to industry partners for feedback on what companies consider the most important cybersecurity challenges, and what companies might be doing about them, said Don Faatz, a cybersecurity engineer at The MITRE Corporation working at the NCCoE. Companies can submit and test products at the center provided that the solutions integrate with other commercial offerings.

In the news
April 20, 2017  |  ExecutiveBiz

Siemens and the National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence have collaborated to craft a cybersecurity practice guide for the energy sector.

In the news
April 19, 2017  |  Yahoo Finance

MobileIron (MOBL), the security backbone for the digital enterprise, and Entrust Datacard, a leader of trusted identity and secure transaction technologies, today announced that their joint derived credentials solution, MobileIron Derived Credentials with Entrust IdentityGuard Mobile Smart Credential, will be included in an upcoming project by the National Institute of Standards and Technology's (NIST) National Cybersecurity Center of Excellence (NCCoE) on Derived Personal Identity Verification (PIV) Credentials.

In the news
April 18, 2017  |  Siemens Corporation

Siemens, over the last several months, has worked closely with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) on a cybersecurity project for the energy sector.

In the news
April 17, 2017  |  Inside Cybersecurity

The comments due today are on NIST's draft guide for electric utilities “Situational Awareness for Electric Utilities” which outlines methods for detecting and remediating cyber anomalies, investigating those risks and sharing findings with other energy companies.

In the news
April 14, 2017  |  Inside Cybersecurity

The draft guide—1800-7—on “Situational Awareness for Electric Utilities” was developed and released in February for public comment by NIST's National Cybersecurity Center of Excellence with input from industry, and provides an “example solution” to help utilities alert staff to potential and actual cyber attacks on the electric grid.

In the news
March 16, 2017  |  cyberscoop

Donna Dodson has multiple roles at the National Institute of Standards and Technology — the U.S. government’s premier measurement and testing laboratory. In addition to being the chief cybersecurity adviser to Acting NIST Director Kent Rochford, she is associate director of the Information Technology Laboratory — one of six labs at NIST — and director of the National Cybersecurity Center of Excellence.

March 07, 2017  |  Joshua M. Franklin and Christopher Brown

The 2017 RSA Conference offered great opportunities, as usual, for the NCCoE staff to learn from the cyber community and engage with industry. The conference supported an entire track of mobile security talks, and common themes included the intersection of mobile security/IoT, and the (lack) of privacy within mobile ecosystems. As the NCCoE continues its work in mobile device security, we were excited to see mobile security gaining more traction at the RSA Conference.

In the news
March 04, 2017  |  Newsweek

The grid has been vulnerable physically for decades. Today, we are just beginning to understand the seriousness of an emerging threat to the grid’s cybersecurity. As the grid has become more dependent on computers and data-sharing, it has become more responsive to changes in power demand and better at integrating new sources of energy. But its computerized control could be abused by attackers who get into the systems.