News

In the news
September 07, 2017  |  Computer Technology Review

Red Hat and Kryptowire, provider of a military-grade mobile application security testing platform used by federal agencies, announced Wednesday that the companies have been awarded a contract from the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to advance mobile application lifecycle security.  Optimization of Kryptowire’s mobile application certification platform for Red Hat Mobile Application Platform’s processes, with a goal of creating a commercial solution that will improve end-to-end mobile security solutions throughout DHS and other U.S.

In the news
September 07, 2017  |  SC Magazine

The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) along with vendors and businesses within the cybersecurity community teamed up to develop a recovery guide for firms hit with ransomware attacks. Researchers said the goal of the guide is to help organizations recover data from cybersecurity events, facilitate smooth recovery in the event of a compromise, and manage enterprise risks, according to the Data Integrity Recovering from Ransomware and Other Destructive Events report.

In the news
September 06, 2017  |  BusinessWire

After a DHS S&T study, conducted in cooperation with NIST’s NCCoE, found that, “threats to the Federal government’s use of mobile devices—smartphones and tablet computers running mobile operating systems—exist across all elements of the mobile ecosystem,” DHS has awarded a grant titled “Assured Mobile Application Lifecycle using Red Hat Enterprise” to NCCoE’s NCEP partnerw Red Hat, Inc and Kryptowire.

In the news
September 06, 2017  |  Bloomberg BNA

To help companies and organizations prepare and recover from cyberattacks, the U.S. government has issued a guidance in collaboration with members of the business community and vendors in the cybersecurity industry. The National Cybersecurity Center of Excellence at the National Institute of Standards and Technology released “Data Integrity: Recovering from Ransomware and Other Destructive Events.” 

In the news
September 01, 2017  |  Inside Cybersecurity

The National Institute of Standards and Technology’s National Cybersecurity Center of Excellence has released for public comment a draft cybersecurity “practice guide” on managing access rights for the financial sector. The NCCoE announced Thursday that it is seeking comment on the guide-- which details ways financial services companies can improve security by limiting employee access to information -- through Oct. 31.

In the news
September 01, 2017  |  Banking Technology

National Institute of Standards and Technology (NIST), an agency of the US Department of Commerce promoting innovation and industrial competitiveness, and cybersecurity tech specialist NextLabs have partnered to develop a framework for implementing and administering access rights management (ARM) in the financial services sector.

Blog
August 31, 2017  |  Susan Prince

In collaboration with the financial services community and technology collaborators, the National Cybersecurity Center of Excellence (NCCoE) developed draft cybersecurity guidance, NIST Special Publication 1800-9: Access Rights Management for the Financial Services Sector, which uses standards-based, commercially available technologies and industry best practices to help financial services companies provide a more secure and efficient way to manage access to data and system. The draft guide is now open for public comment through October 31, 2017.

In the news
August 31, 2017  |  ExecutiveBiz

The National Institute of Standards and Technology‘s National Cybersecurity Center of Excellence has partnered with NextLabs to craft a framework for the agency to implement and administer access rights management guidelines across the financial services industry. NCCoE aims to equip financial institutions with a centralized system to manage and protect disparate identity and access systems from cyber threats, NextLabs said Thursday.

Blog
August 23, 2017  |  Caroline Tan, NCCoE Summer Intern

I learned that the concept of managing each transfer in a supply chain can be applied to the outputs of any company or organization. That basic understanding of product movement in planning, procurement, manufacturing, and delivery helped me transition into my internship at the National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE). I was initially intimidated by the name and intellectual weight of the organization. These innovators—my now co-workers—were spearheading cybersecurity solutions for wireless infusion pumps, secure inter-domain routing, and identity and access management. And they even shed light on supply chain management, explaining to me that there is a possibility of risk at each transfer point and at each step in the process, not just with physical materials, but also with the critical intangibles such as data, software, and intellectual property. Here, I found an overlap that wasn’t deeply addressed in my supply chain course. I wanted to combine my undergraduate background and experience with the wealth of knowledge around me and contribute back to the organization.

In the news
August 21, 2017  |  ComputerWorld

The National Institute of Standards and Technology is trying to bolster ecommerce authentication on desktops and mobile devices. It was spurred to tackle its Multifactor Authentication for e-Commerce project because of the realization that increased security in the physical world (with such steps as cards with EMV chips) means thieves are going to start to focus more on card-not-present transactions.