In The News

In the news
August 25, 2015  |  The Daily Dot

The U.S. government is asking energy experts and the general public to weigh in on a new plan to protect the power grid from cyberattacks.

The draft proposal, titled "Identity and Access Management for Electric Utilities," is the result of a partnership between energy companies' security teams and the National Cybersecurity Center of Excellence (NCCoE), a division of the National Institute of Standards and Technology (NIST).

In the news
August 25, 2015  |  Inside Cybersecurity

The National Cybersecurity Center of Excellence has issued for public comment a draft guide on identity and access management for the electric sector.

The center, which is part of the National Institute of Standards and Technology, on Tuesday released "Identity and Access Management for Electric Utilities" and is seeking comments by Oct. 23.

In the news
August 25, 2015  |  EnergyWire

The National Institute of Standards and Technology is stepping up its efforts to help energy companies keep their critical networks under lock and key.

The nonregulatory agency announced yesterday that it's seeking input on a draft how-to guide for managing access to electric utilities, from their physical control rooms to any Internet-connected computers.

In the news
August 25, 2015  |  GCN

Federal IT professionals used to be able to depend on keeping their information safe in secure on-premise data centers, but times have changed. Traditional data centers could be depended upon for consistent control, visibility and security, but today’s cloud-based centers offer new variants of those capabilities – a fact that IT administrators struggle with every day.

In the news
August 24, 2015  |  SANS Institute Newsletter

The US National Institute of Standards and Technology (NIST) has released "Identity and Access Management for Electric Utilities," a draft guide to cybersecurity for US electric utilities. The guide describes a centralized access control system developed by NIST's National Cybersecurity Center of Excellence's (NCCoE). NIST is accepting comments on the document until October 23, 2015. 

In the news
August 24, 2015  |  ComputerWorld

U.S. electric utilities should pay close attention to their authentication systems and access controls to reduce data breaches, a government agency says in a new cybersecurity guide.

About 5 percent of all cybersecurity incidents that the U.S. Department of Homeland Security's industrial control cyber team responded to in 2014 were tied to weak authentication, said the U.S. National Institute of Standards and Technology (NIST). Another four percent of industrial control incidents were related to abuses of access authority, the agency said.

In the news
August 24, 2015  |  CIO

U.S. electric utilities should pay close attention to their authentication systems and access controls to reduce data breaches, a government agency says in a new cybersecurity guide.

The new cybersecurity guide, released in draft form by NIST's National Cybersecurity Center of Excellence (NCCoE) Tuesday, focuses on helping energy companies reduce their cybersecurity risks by showing them how they can control access to facilities and devices from a single console.

In the news
August 16, 2015  |  ExecutiveBiz

The Maryland-based National Cybersecurity Center of Excellence is searching for industry sources to develop a cybersecurity system intended to help control access to information technology assets. 

Contractors would design three projects around access control, personal identity verification credentials and mobile devices, theNational Institute of Standards and Technology said Friday.

 
In the news
August 13, 2015  |  mHealthIntelligence

With more health records being stored on mobile devices, the need for mobile health security is imperative among doctors, nurses, and other medical professionals.

In the news
August 12, 2015  |  Corporate Counsel

NIST’s “Securing Electronic Health Records on Mobile Devices” gives organizations involved in the health care sector insights on how to design and implement security systems that protect the myriad personal and health information patients entrust them to collect and keep private. Although fairly technical, the guide helps focus organizations’ conversations around keeping electronic health records protected.