News

In the news
September 19, 2016  |  NextGov

The National Institute of Standards and Technology has published a "mobile threat catalogue" that broadly sketches out parts of a mobile device strategy that need special attention, including securing physical access to smartphones and tablets, as well as authenticating who is using the device with passwords, fingerprints or voice recognition.

In the news
September 14, 2016  |  ExecutiveGov

The National Institute of Standards and Technology has introduced new resources intended to help organizations protect their mobile devices and computer systems from malware threats. NIST said Wednesday the draft Mobile Threat Catalogue and the draft Assessing Threats to Mobile Devices and Infrastructure seek to respond to the public and private organizations’ request for information on threats and how to mitigate the attacks.

In the news
September 14, 2016  |  FedTech

What if federal agencies could do more than just react to cybersecurity threats and data breaches and actually get out in front of them? That’s the world the Department of Homeland Security (DHS) wants for the executive branch. The use of predictive security tools, security intelligence and DHS’ Continuous Diagnostics and Mitigation (CDM) program could help agencies get there, according to federal officials who spoke this week on a panel at Meritalk’s Cybersecurity Brainstorm conference in Washington, D.C.

In the news
September 14, 2016  |  Enterprise Apps Tech

The National Institute of Standards and Technology (NIST) has released a new resource which aims to help organizations protect their systems from mobile threats. The paper, which is currently at a draft stage and is requesting feedback, lists potential threats in a variety of areas, from authentication to supply chains, physical access to payments, as well as network protocols and infrastructure.

Press Releases
September 13, 2016  |  NIST

IT security departments have used guidance from NIST and other sources to help them defend the vulnerable connections between mobile devices and enterprise computer systems from malware, viruses and other types of attacks. Recently, organizations from both the public and private sectors have requested more specific information on threats and ways to mitigate them.

The draft Mobile Threat Catalogue (MTC) and the accompanying draft Assessing Threats to Mobile Devices & Infrastructure (NIST Interagency Report 8144 seek to answer those requests. To strengthen the catalogue, the authors request practitioners and experts in the field to review the catalogue and provide feedback and additional information. Please send comments on both projects to Nistir8144@nist.gov by October 12, 2016.

In the news
September 12, 2016  |  MeriTalk

There is no silver bullet to maintaining a predictive stance when it comes to anticipating cybersecurity threats, according to experts from the Federal government. One solution to assessing risks and predicting attacks is DHS’s Continuous Diagnostics and Mitigation (CDM) program, according to Tim McBride, Director of Operations of the National Cybersecurity Center of Excellence at the National Institute of Standards and Technology (NIST).

In the news
September 12, 2016  |  Wiley Rein LLP

NIST and NCCoE have identified and categorized potential threats and mitigations, drawing from various sources. They seek public input to validate their initial work, and to help them develop a final Mobile Threat Catalogue and NISTIR 8144 publication.

Press Releases
September 11, 2016  |  Kathie Felix

The National Cybersecurity Center of Excellence (NCCoE), a part of the National Institute of Standards and Technology (NIST), is exploring technology that can help vehicle-based law enforcement officers securely and quickly access multiple software applications and databases. A faster authentication process could provide immediate access in dangerous circumstances—and while a vehicle is in motion.

In the news
September 07, 2016  |  HealthITSecurity

A new risk assessment project designed for monitoring wireless IV medical infusion pumps hopes to further strengthen medical device cybersecurity across the healthcare industry. Gavin O’Brien, senior cybersecurity engineer with NCCoE discussed the partnership with HealthITSecurity.com and what it means for medical device cybersecurity.

In the news
September 07, 2016  |  BusinessWire

Clearwater Compliance, a leading healthcare cybersecurity company, will collaborate with the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) as part of a wide-ranging, first-of-its-kind risk assessment project focusing on wireless IV medical infusion pumps. This research project will investigate how to improve wireless IV medical infusion pumps’ security, with an end goal of helping companies and organizations increase their cyber risk assessment and management capability. The end result of this collective collaboration is a reference design and an implementation guide on how to protect wireless IV medical infusion pumps from unintended errors or unauthorized access, including malicious acts.