National Data Integrity Conference

Wednesday, June 1, 2016 to Thursday, June 2, 2016

The National Data Integrity Conference is a gathering of people sharing new challenges and solutions regarding research data and integrity. NCCoE Senior Security Engineer Donald Tobin will discuss "Recovering Data Integrity After a Destructive Malware Attack" in a lightning talk on June 3 from 1:15-3:00pm. The conference will be held at the University of Colorado in Denver. 

2016 Public Safety Broadband Stakeholder Meeting

Monday, June 6, 2016 to Wednesday, June 8, 2016

NCCoE cybersecurity engineer Joshua Franklin will be speaking at the Public Safety Communications Research Conference on June 7th and 8th. This three-day meeting will bring together representatives from public safety, Federal agencies, industry, and academia. The meeting will highlight critical issues related to public safety broadband communications and the deployment of a nationwide public safety network. The conference will be held from June 7-9 at the Hard Rock Hotel in San Diego, CA.

Click here to find out more about the conference.

Cloud Identity Summit 2016

Sunday, June 5, 2016 to Wednesday, June 8, 2016

NCCoE security engineer Bill Fisher will be presenting a session on multifactor authentication in the retail sector and identity and access management in the Internet of Things (IoT) space on June 6 from 9am to 12pm at the Cloud Identity Summit. The summit brings together the best of industry and enterprise presenters and experts to share insights and to synthesize new ideas. The summit will be held from June 6-9 at the Mariott New Orleans in New Orleans, LA.

2016 Retail Cyber Intelligence Summit

Sunday, April 24, 2016

NCCoE Senior Security Engineer Bill Newhouse will present Working Together: Addressing Retail Cybersecurity with Standards and Best Practices on Monday, April 25 from 10:40am to 11:30am at the Retail Cyber Intelligence Summit in Chicago. This session will focus on specific challenges in the retail and payment ecosystems and how the NCCoE is working with stakeholders from across the retail ecosystem to address important retail cybersecurity issues.

Hyatt Regency Chicago
151 East Wacker Drive
Chicago, Illinois 60601

Register today!

4th Annual Cyber Security for Oil & Gas Summit

Sunday, June 26, 2016 to Tuesday, June 28, 2016

NCCoE Senior Cybersecurity Engineer Jim McCarthy will host the workshop "Remaining Ahead of the Curve: Applying the NIST/NCCoE Energy Sector Practice Guides to the Cyber Security Challenges of the Oil & Gas Industry" at the 4th Annual Cyber Security for Oil & Gas Summit on June 27 at 2:30pm. The summit, held from June 27 - 29 in Houston, TX, will bring together industry experts who will address critical concerns and trends regarding cyber security for the oil & gas industry, and cover how to address these concerns in a down market. Download the full agenda.

ICSJWG 2016 Spring Meeting

Monday, May 2, 2016 to Wednesday, May 4, 2016

NCCoE senior security engineer Jim McCarthy will be presenting "Situational Awareness for the Energy Sector" on May 4 at 3:20 PM at the Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting 2016. The conference brings together leaders in critical infrastructure security to discuss the latest initiatives impacting the security of our critical infrastructure, and will be held from May 3 - 5 at the Chaparral Suites in Scottsdale, AZ.

Click here to find out more about the conference.


Security Innovation Network's IT Security Entrepreneurs Forum (ITSEF) 2016

Monday, April 18, 2016 to Tuesday, April 19, 2016

NCCoE deputy director Nate Lesser will be speaking on a panel titled, "Quantifying Cyber Risk: A Manual for Holistic Enterprise Risk and Senior Security Professionals," at the Security Innovation Network's IT Security Entrepreneurs Forum (ITSEF) 2016. The conference will be held from April 19-20 at the Computer History Museum in Mountain View, CA.

Click here to find out more about the conference.

ATARC Federal Mobile Computing Summit

Tuesday, April 5, 2016

NCCoE IT Security Specialist Joshua Franklin will lead a collaboration session on "Mobile App Vetting Strategy" at the ATARC Federal Mobile Computing Summit at the Grand Hyatt in Washington, D.C.

Mobile App Vetting Strategy: 1:40pm-3:45pm

Joshua Franklin, IT Security Specialist, NCCoE
Tim LeMaster, Director, Systems Engineering, Lookout
Carlton Northern, Lead Information Systems Engineer, MITRE
Mike Peck, Lead Cyber Security Engineer, MITRE

About the Session:
Creating and sustaining a mobile application vetting capability within an organization can be an expensive and time consuming prospect. For agencies that don’t have many apps to vet, this can lead to a negative return on its investment. This session will investigate what it takes to stand up a mobile app vetting capability within an organization and explore the concept of creating a public/private partnership between the government and private sector to establish app vetting standards & criteria, provide “approved” criteria for vendors, evaluate app vetting tools for effectiveness and establish joint (government/commercial) app vetting service providers/labs to “certify” apps, e.g., “UL Certified.”

Federal Labs Technology Demonstrations and Discussions

Tuesday, March 29, 2016

NCCoE Security Engineer Bill Fisher will present "ABAC: Run-time Access Control for Federated Identities" during the NIST session from 8:30am-12:00pm at the Federal Labs Technology Demonstrations and Discussions in College Park, Md.

Enterprises rely upon strong access control mechanisms to ensure that corporate resources (e.g. applications, networks, systems, and data) are not exposed to anyone other than an authorized user. As business requirements change, enterprises need highly flexible access control mechanisms that can adapt. The application of attribute based policy definitions enables enterprises to accommodate a diverse set of business cases, to include identities federated from external security domains. The NCCoE has published NIST SP 1800-3 Practice Guide, detailing an approach that the NCCoE took in developing an ABAC reference architecture and build. This demonstration will showcase commercially available technology used by the NCCoE to federate identity and attribute information and to make access decisions utilizing attribute based policy definitions.