NIST Information

Iris Experts Group (IEG) Meeting 2021

1 month 3 weeks hence
The Iris Experts Group (IEG) will hold their annual meeting on Thursday June 17, 2021. The meeting will be virtual using the BlueJeans Meeting platform. The meeting is a full day meeting with breaks scattered through the day. The IEG is a forum for the discussion of technical questions of interest to US government(USG) agencies and their staff that are employing or may employ iris recognition to carry out their mission. Members include subject matter experts from USG agencies, academia and the commercial world. The meeting agenda is based on input from the members. The agendas of past meetings
Pauline Truong

Third PQC Standardization Conference

1 month 2 weeks hence
The NIST Post-Quantum Cryptography Standardization Process has entered the third phase, in which 7 third round finalists and eight alternate candidates are being considered for standardization. NIST plans to hold a third NIST PQC Standardization Conference in June 2021 to discuss various aspects of these candidates, and to obtain valuable feedback for the final selection(s). NIST will invite each submission team of the 15 finalists and alternates to give a short update on their algorithm. The conference will take place virtually. Call for Papers Submission deadline: April 23, 2021 Notification
Thelma A. Allen

Low-Cost NIST Demo Links Public Safety Radios to Broadband Wireless Network

1 week ago
Engineers at the National Institute of Standards and Technology (NIST) have built a low-cost computer system that connects older public safety radios with the latest wireless communications networks, showing how first responders might easily take advantage of broadband technology offering voice, text, instant messages, video and data capabilities. NIST’s prototype system could help overcome a major barrier to upgrading public safety communications. Many of the 4.6 million U.S. public safety personnel still use traditional analog radios, due to the high cost of switching to digital cellphones
Sarah Henderson

NIST Releases an Example Implementation Tool for NISTIR 8212: An Information Security Continuous Monitoring Program Assessment

2 weeks 5 days ago
Information security continuous monitoring (ISCM) programs provide an understanding of risk tolerance and help officials set priorities and consistently manage information security risk throughout the organization. NISTIR 8212, An Information Security Continuous Monitoring Program Assessment, provides an operational approach to the assessment of an organization’s ISCM program using ISCMAx – a free, publicly available working implementation of the ISCM program assessment described in NIST SP 800-137A. NISTIR 8212 provides instructions for using ISCMAx and guidance for tailoring the ISCMAx tool
Thelma A. Allen

Securing Property Management Systems: Cybersecurity Practice Guide SP 1800-27

2 weeks 6 days ago
In recent years criminals and other attackers have compromised the networks of several major hospitality companies, exposing the information of hundreds of millions of guests. A hotel property management system (PMS) is a prime target for attackers – it serves as the information technology operations and data management hub of a hotel and could give a criminal access to a trove of valuable data. The NIST National Cybersecurity Center of Excellence collaborated with the hospitality business community and cybersecurity technology providers to build an example solution demonstrating how
Thelma A. Allen

NIST Offers Cybersecurity Guide Tailored to the Hospitality Industry

2 weeks 6 days ago
A new practical cybersecurity guide from the National Institute of Standards and Technology (NIST) can help hotel owners reduce the risks to a highly vulnerable and attractive target for hackers: the hotel property management system (PMS), which stores guests’ personal information and credit card data. The three-part guide, formally titled Securing Property Management Systems (NIST Special Publication [SP] 1800-27 a, b and c), shows an approach to securing a PMS. It offers how-to guidance using commercially available products, allowing hotel owners to control and limit access to their PMS and
Sarah Henderson

Cybersecurity Framework Election Infrastructure Profile: Draft NISTIR 8310 Available for Comment

3 weeks ago
To help secure our elections, NIST has released Draft NISTIR 8310, Cybersecurity Framework Election Infrastructure Profile. This Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to election infrastructure. The Profile is meant to supplement but not replace current cybersecurity standards and industry guidelines available to election officials. This profile can be used in several ways, including the following: To highlight and communicate high priority security expectations, To perform a self-assessment comparison of current risk
Thelma A. Allen

To Help Protect Our Elections, NIST Offers Specific Cybersecurity Guidelines

3 weeks ago
Making elections secure means protecting against ever-evolving threats to information technology — which scans in-person and mail-in ballots, supports voter registration databases and communicates vote tallies. To reduce the risk of cyberattacks on election systems, the National Institute of Standards and Technology (NIST) has released draft guidelines that provide a road map to help local election officials prepare for and respond to cyber threats that could affect elections. Comments on the draft will be accepted through May 14, 2021. Written in everyday language, the Draft Cybersecurity
Sarah Henderson

NIST Develops Privacy-Preserving ‘Encounter Metrics’ That Could Help Slow Down Future Pandemics 

3 weeks ago
When you bump into someone in the workplace or at your local coffee shop, you might call that an “encounter.” That’s the scientific term for it, too. As part of urgent efforts to fight COVID-19, a science is rapidly developing for measuring the number of encounters and the different levels of interaction in a group. At the National Institute of Standards and Technology (NIST), researchers are applying that science to a concept they have created called “encounter metrics.” They have developed an encrypted method that can be applied to a device such as your phone to help with the ultimate goal
Robin Materese

NIST Builds ‘Sisters in STEM’ With YWCA Code Jam

1 month ago
Twenty-three middle-school girls from the St. Vrain Valley School District in Longmont, Colorado, have logged on to their school tablets and laptops for a special kind of class on a frigid February afternoon: an introduction to coding — a new experience for some of them — and to learn what a career in science, technology, engineering and mathematics (STEM) looks like for women. And today they have help from scientists at the National Institute of Science and Technology (NIST) in Boulder, Colorado, including Boulder Laboratory Director Marla Dowell, who oversees communications technology
Sarah Henderson

NIST Tool Will Help Military Vehicles Fight Fires Using Less Harmful Chemicals

1 month 2 weeks ago
Researchers at the National Institute of Standards and Technology (NIST) have developed a new, interactive spreadsheet that will help the U.S. military extinguish aircraft and vehicle fires using the latest environmentally friendly chemicals. While it may sound old-school, the spreadsheet is actually an upgrade of a NIST computer program that has helped protect valuable military assets and lives for several decades, despite being based on the vintage operating system MS-DOS. Fire protection is a major issue for military vehicles, which carry flammable fluids and can incur significant damage
Sarah Henderson

Federal Computer Security Managers' Forum - 1/2 Day Meeting - February 2021

1 month 3 weeks ago
NOTE: THIS MEETING IS OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS. REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP. SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT. The Federal Computer Security Program Managers Forum is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of system security and privacy information among federal, State, and Higher Education employees. The Forum maintains an extensive e-mail list and holds quarterly
Thelma A. Allen

NIST Shares Key Practices in Cyber Supply Chain Risk Management Based on Observations from Industry

1 month 3 weeks ago
A new publication from the National Institute of Standards and Technology (NIST) provides companies, government agencies, and other organizations with a set of practices that any organization can use to manage growing cybersecurity risks associated with their supply chains. NIST researched and compiled these practices knowing that organizations can no longer protect themselves by simply securing their own infrastructures; their “electronic perimeters” now are not meaningful and threat actors can and do intentionally target the suppliers of more cyber-mature organizations by taking advantage of
Thelma A. Allen

New NIST Framework Strives for Cleaner, More Secure Power Grid

2 months ago
Whether it’s a new set of solar panels glistening on a neighbor’s roof or a freshly installed smart thermostat at home, burgeoning renewable and smart technologies represent steps toward a sustainable future. But much of their potential will remain untapped unless the power grid is managed in a much more flexible way. The ability of systems to speak the same language and exchange information securely, known as interoperability — think syncing your phone to the cloud or your computer — is key to unlocking flexibility on the grid. Researchers at the National Institute of Standards and Technology
Sarah Henderson

NICE Webinar: Top Ten Ways to Discover a Cybersecurity Career That Is Right for You

2 months ago
The webinar recording will be available soon. The PowerPoint slides used during this webinar can be downloaded here. Download the Continuing Education Units form. Speakers: Alyssa Miller Business Information Security Officer S&P Global Ratings Dr. Gerald Auger Cybersecurity Architect Medical University of South Carolina Timothy Desir 2021 NIST Professional Research Experience Program (PREP) Montgomery College Charissa Kim Founder Cyber Youth Tech (CyTech) Synopsis: How do you discover a career in cybersecurity? How do you prepare? How do you qualify? How do you demonstrate your capabilities
Susana Barraza

Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation and Timing Services--NISTIR 8323

2 months 1 week ago
NIST announces the release of the final NISTIR 8323, Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services. NIST has also prepared a PNT Profile Quick Guide for those who would like a higher-level overview of the effort to help decide whether they could benefit from the implementation of the Profile. About the Profile The PNT cybersecurity profile is part of NIST’s response to the Feb. 12, 2020, Executive Order 13905, Strengthening National Resilience Through Responsible Use of Positioning, Navigation, and
Thelma A. Allen

NIST Finalizes Cybersecurity Guidance for Positioning, Navigation and Timing Systems

2 months 1 week ago
As part of an effort to help users apply its well-known Cybersecurity Framework (CSF) as broadly and effectively as possible, the National Institute of Standards and Technology (NIST) has released finalized cybersecurity guidance for positioning, navigation and timing (PNT) services. Formally titled Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation and Timing (PNT) Services (NISTIR 8323), the document is part of NIST’s response to the Feb. 12, 2020, Executive Order 13905, Strengthening National Resilience Through Responsible Use
Sarah Henderson

NIST Publishes NISTIR 8301: Blockchain Networks—Token Design and Management Overview

2 months 1 week ago
Traditional data and operations management across organizations and on the web can involve inefficient transaction reconciliation between siloed databases, password fatigue, and single points of failure. These often result in concerns over interoperability, security, and privacy of data that affect both users and businesses. Blockchain technology has enabled a new software paradigm for managing digital ownership in partial or zero-trust environments. It uses tokens to conduct transactions, exchange verifiable data, and achieve coordination across organizations and on the web. Data models with
Thelma A. Allen

Accelerating Ideas Toward Commercialization

2 months 1 week ago
The start of the new year in the Technology Partnerships Office (TPO) brings with it innovative ideas and projects pushing the TPO and NIST mission forward. One of the primary goals of TPO is to elevate NIST inventions that have commercialization potential, put the spotlight on them, and help maneuver them from the labs to the commercial market. In doing so, TPO is able to increase the economic impact of federally funded research and development by accelerating and improving the transfer of new technologies from the laboratory to the commercial marketplace. Through bringing products to market
Nicole Gingrich

Ontology for Authentication: Draft NISTIR 8344 is Available for Comment

2 months 1 week ago
NIST announces the release of Draft NISTIR 8344, Ontology for Authentication, for public comment. This draft document is the result of an effort to define authentication by examining mechanisms used to prove position or membership; analyzing existing methods, tools, and techniques; and developing an abstract representation of authentication features and services. Basic mechanisms used to accomplish authentication are identified and discussed in general terms. While most authentication mechanisms utilize cryptography, specific implementations of the cryptography are left to standards that
Thelma A. Allen
Checked
4 hours 43 minutes ago
Subscribe to NIST Information feed