Latest Headlines

Latest Headlines

A closer look at NIST's cloud roadmap and hybrid guidance

It's been four years since the Office of Management and Budget asked federal chief information officers to think "cloud first" – or consider cloud computing-based solutions when investing in new technology, or updating legacy systems. 

NIST draft guide aims to bolster email security

The National Institute of Standards and Technology issued a draft publication Sept. 28 that will help federal enterprise email administrators, information security specialists and network managers better safeguard email.

Revision could move NIST authentication guidance out of the weeds

The National Institute of Standards and Technology's authentication guidance document, known as NIST Special Publication 800-63, is being revised to better align with modern expectations of how to use authentication technologies within federal information systems, said Sean Brooks, privacy engineer at NIST.

NIST issues draft guide for managing attribute-based access to IT systems

The National Institute of Standards and Technology issued Sept. 30 a draft reference model to help agencies design attribute-based access control systems.

Spotlight: Major privacy-enhancing document to be issued this month, says NIST

The public-private partnership tasked by the National Institute of Standards and Technology to create an "identity ecosystem" will release a major document later this month. 

3 new NSTIC pilots focus on reducing tax refund thefts and securing health data and online storage

This fourth round of projects are part of the National Strategy for Trusted Identities in Cyberspace, which is aimed at encouraging adoption of more secure, easy-to-use and interoperable identity credentials for access to various online services.

NIST, FBI collaborate on biometric technology certification program

The National Institute of Standards and Technology is researching the potential of contactless fingerprinting devices that would allow biometric reading simply by showing one's hand rather than placing it directly on a scanner

NCCoE issues draft guidance for bolstering cybersecurity at utilities

The National Cybersecurity Center of Excellence is urging utility companies to change decentralized identity management practices at their facilities to shore up a weak link against online attack.

White House cybersecurity czar: Threat awareness has improved, but protection hasn't

Federal agencies are increasingly engaged in cybersecurity issues and understand they have something to protect, said the White House's cybersecurity czar, but he added that most agencies, like their private-sector counterparts, are not protecting themselves as well as they should.

NIST's cybersecurity center seeking help to address mobile security, network authentication

The National Cybersecurity Center of Excellence is seeking vendor products and technical expertise on three projects that focus on mobile device security, personal identity verification credentials for such devices and access control.