News

In the news
November 02, 2016  |  The Register

The US National Cybersecurity Center of Excellence (NCCoE) has published a guide on how to improve email security – and it wants your feedback on it. The NCCoE has put out its "draft practice guide" in an effort to educate and inform people about how to introduce proper email security. The hope of the 241-page publication is to increase defenses as broadly as possible against phishing, man-in-the-middle, malware and various other types of email-based attacks.

In the news
October 27, 2016  |  GCN

Police officers on patrol access a variety of computer systems from their in-vehicle laptops – from local  ticketing systems to state Department of Motor Vehicles databases to the FBI National Crime Information Center – all of which require unique, secure authentication. Juggling the security requirements of those myriad systems creates a logistical headache when combined with the often fast-paced demands of police work, said Don Tobin, the transportation lead at the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence.  

In the news
October 19, 2016  |  HealthITSecurity

Both mobile device security and medical device security are increasingly popular topics in the healthcare industry. While there has not yet been a case of a hacked medical device affecting a patient, the concern for such a scenario is growing. The National Cybersecurity Center of Excellence (NCCoE) is investigating how best to improve wireless medical infusion pump security.

Blog
October 13, 2016  |  Kori Fisk

Cyberattacks are on the rise, and a staggering 41% of them target the energy sector. In order to protect the nation’s critical infrastructure, the sector must contend with a diverse set of unique challenges, from aging and disparate networks to a lack of awareness of threats and vulnerabilities. The National Cybersecurity Center of Excellence (NCCoE), in collaboration with energy sector stakeholders and cybersecurity technology vendors, has developed example solutions that utilities can use to help bolster their security postures. The NCCoE, a part of the National Institute of Standards and Technology (NIST), will host a workshop on October 18, 2016 at the North American Electric Reliability Corporation’s (NERC) Grid Security Conference (GridSecCon) in Quebec City, Canada. GridSecCon brings together cybersecurity and physical security experts from industry and government to share emerging security trends, policy advancements, and lessons learned related to the electric utility sector.

In the news
October 12, 2016  |  Federal News Radio 1500-AM

In a recent interview, NCCoE Director Donna Dodsen explained how the NCCoE develops 1800-series practice guides. Similar to the 800-series special publications, they explain how to use certain cybersecurity concepts that can apply across various business environments.

Blog
October 06, 2016  |  Joshua Franklin

On September 13, 2016, the National Cybersecurity Center of Excellence (NCCoE) hosted a workshop to review the recently released Mobile Threat Catalogue (MTC) with industry partners and identify missing areas of interest, new countermeasures, and potential mitigations. More than 50 mobile security industry members participated, including hardware manufacturers, operating system developers, malware detection companies, and mobile network operators. There was definitely expertise to go around!

In the news
October 04, 2016  |  Bloomberg BNA

Government and private industry must do better at collaborating and speaking the same language when it comes to protecting the country’s digital infrastructure from cyberattacks, Commerce Secretary Penny Pritzker said Sept. 27. Pritzker also praised the close collaboration between NIST's National Cybersecurity Center for Excellence and industry and academics. 

In the news
October 02, 2016  |  Federal News Radio

Donna Dodson, Chief Cybersecurity Officer and Director of the National Cybersecurity Center of Excellence (NCCoE), outlines the scope of the NCCoE's work, its projects, and how it fits into the larger NIST cybersecurity program.

In the news
September 20, 2016  |  Inside Cybersecurity

The National Institute of Standards and Technology's National Cybersecurity Center of Excellence on Tuesday announced public comment periods on three cybersecurity projects addressing mobile devices and law enforcement vehicle systems. The NCCoE will accept comments on its Assessing Threats to Mobile Devices and Infrastructure and Mobile Threat Catalogue until Oct. 7. Those two projects are aimed at identifying “a set of security controls and countermeasures that address mobile threats in a holistic manner.”

In the news
September 19, 2016  |  NextGov

The National Institute of Standards and Technology has published a "mobile threat catalogue" that broadly sketches out parts of a mobile device strategy that need special attention, including securing physical access to smartphones and tablets, as well as authenticating who is using the device with passwords, fingerprints or voice recognition.