ISSA Mid-Atlantic Information Security Conference

Friday, March 10, 2017

NCCoE cybersecurity engineers Jim Banoczi and Harry Perper will present "Managing Access and Assets for the Financial Services Industry" at the ISSA Mid-Atlantic Information Security Conference on March 10, 2017 at 9:40am at Universities at Shady Grove Conference Center in Rockville, Md. The financial industry is faced with many pressing cybersecurity challenges, including how to manage IT assets and access rights. This session will provide an overview of the NCCoE and describe two projects that the financial industry has identified as significant challenges. The first project, IT Asset Management, outlines a practical solution for identifying and managing IT assets within an organization. The second, Access Rights Management, addresses how to integrate diverse identity and access management platforms to better control access rights. These projects were initiated through discussions with members of the financial services and have broad applicability across the financial sector.

Federal IT Acquisition Summit

Wednesday, November 16, 2016

The Federal IT Acquisition Summit held in Washington, DC provides acquisition and management professionals with insights into key trends and developments in federal IT. NCCoE Senior Security Engineer Don Tobin will participate on the Cybersecurity Framework Panel from 10:15am to 11:05am. This panel will look at new ways in which agencies are leveraging the NIST Cybersecurity Framework to solve pressing security problems.

HIMSS Annual Conference & Exhibition

Sunday, February 19, 2017 to Thursday, February 23, 2017

The NCCoE is attending the 2017 Healthcare Information and Management Systems Society (HIMSS) Annual Conference & Exhibition in Orlando, Fl at the Orange County Convention Center.


Cybersecurity Discussion: Securing PACS with NCCoE Computer Scientist Gavin O'Brien and MITRE Principal Cybersecurity Researcher Kevin Littlefield
Tuesday, February 21, 11:30am-12pm, Hall A, Booth 230
We will facilitate a discussion on potential cybersecurity risks that may be unique to Picture Archiving and Communication Systems (PACS), including analyzing the Digital Imaging and Communications in Medicine (DICOM) standard. We hope to also explore potential practical measures to mitigate those risks.

Securing Wireless Medical Infusion Pumps - A Use Case with NCCoE Computer Scientist Gavin O'Brien
Wednesday, February 22, 10am-11am, Tangerine Ballroom F4
This presentation demonstrates how to secure medical devices in a health provider’s enterprise network. The use case, developed in collaboration with health IT vendors at the NCCoE, covers identifying the actors interacting with infusion pumps, defining the interactions between the actors and the system, performing a risk assessment, categorizing the challenges facing successful management of medical device cybersecurity, and reviewing applicable mitigating security technologies. The outcome is a repeatable, scalable example implementation solution. Once healthcare organizations understand today’s available technologies, they can set strategies to prioritize vulnerabilities, obtain these technologies for use within their organization, educate staff, and most significantly, mitigate cybersecurity risk to patients.

YourTurn: Cybersecurity Challenges in Health Care with NCCoE Computer Scientist Gavin O'Brien
Wednesday, February 22, 1pm-2pm, Room W300 
With the support of healthcare organizations, the NCCoE at NIST, demonstrated how enterprises can secure electronic health records on mobile devices to better protect patient data. Our next project showed health organizations how to better secure wireless infusion pumps to reduce patient safety & security risks. This talk gives attendees the opportunity to discuss best practices, prioritize challenges & explore potential solutions, ultimately guiding the NCCoE on its next projects.

Exhibition Booth

Federal Health IT Solutions Pavilion Hall A, Booth #230, sponsored by The MITRE Corporation.

2016 Investment Company Institute Cybersecurity Forum

Wednesday, November 9, 2016

With industries relying more on information technology, cybercrime is becoming ever more prevalent—and the investment fund industry is not immune.

To better understand the evolving nature of cyberthreats, the Investment Company Institute will be hosting its the third annual Cybersecurity Forum on Thursday, November 10, at Washington Marriott Georgetown. The NCCoE Financial Services team will be attending and sharing more information about its Financial Services projects. 

Safeguarding Health Information: Building Assurance through HIPAA Security

Tuesday, October 18, 2016 to Wednesday, October 19, 2016

NIST and the Department of Health and Human Services' Office for Civil Rights will co-host the 9th annual  Safeguarding Health Information: Building Assurance through HIPAA Security Conference on October 19-20, 2016 at the Capital Hilton, Washington, D.C. NCCoE computer scientist Gavin O'Brien will host a panel on "Addressing Healthcare Cybersecurity Challenges through Standards-based Solutions" on October 19 from 1:15pm-2:15pm. 

AFCEA Global Identity Summit

Sunday, September 18, 2016 to Wednesday, September 21, 2016

The Global Identity Summit provides an immersive environment where identity professionals from the federal government, private sector and academia can dedicate three days to strategic planning, information sharing, needs analysis, collaboration and relationship building. The National Cybersecurity Center of Excellence will join NIST and the National Strategy for Trusted Identities in Cyberspace as an exhibitor. 

AFCEA Bethesda Health IT Day

Tuesday, October 11, 2016

NCCoE Computer Scientist Gavin O'Brien will join the "Cybersecurity: Out Think Healthcare Threat" panel discussion at the AFCEA Health IT Day at the Bethesda North Marriott Conference Center on Wednesday, October 12 from 10:30am-11:30am. This moderated panel of federal CISOs and privacy experts will share their perspective on how cognitive solutions may impact predictive threats and other cybersecurity topics of interest. 

API Cybersecurity Conference for the Oil & Natural Gas Industry

Wednesday, November 9, 2016

The NCCoE will lead  a talk on "Industry/Government Partnership: Cybersecurity through Development of a NIST CSF Profile with US Coast Guard" as part of the NIST Cybersecurity Framework: Use & Deployment session at the 11th Annual Cybersecurity Conference for the Oil & Natural Gas Industry in Houston, Texas on Thursday, November 10, 1:00-2:10 pm CT. 

GridSecCon 2016

Monday, October 17, 2016

NCCoE Senior Security Engineer Jim McCarthy will help lead a full day NIST NCCoE Workshop at GridSecCon on October 18, 2016 in Quebec City, Quebec. The  workshop will discuss top challenges facing the energy industry today, and review profiles and worked example solutions in IdAM, Situational Awareness, and Industrial Control Systems. Topics will also include the NIST Cybersecurity Portfolio and Cybersecurity Framework (CSF). 

AEHIX 16 Fall Forum

Thursday, November 3, 2016

NCCoE Computer Scientist Gavin O'Brien will participate in the "Information Security: It's Everyone's Problem" session from 10:30m-11:30am at the AEHIX 16 Fall Forum in Phoenix, Arizona. This session explores the current threat landscape and identifies best practices for protecting the organization and information vital to patient care and business operations. This fall forum aims to bring together thought leaders from across health IA, IT, and IS specialties to network and share ideas on how IT can help bend the cost curve.