It's been four years since the Office of Management and Budget asked federal chief information officers to think "cloud first" – or consider cloud computing-based solutions when investing in new technology, or updating legacy systems.
The National Institute of Standards and Technology issued a draft publication Sept. 28 that will help federal enterprise email administrators, information security specialists and network managers better safeguard email.
The National Institute of Standards and Technology's authentication guidance document, known as NIST Special Publication 800-63, is being revised to better align with modern expectations of how to use authentication technologies within federal information systems, said Sean Brooks, privacy engineer at NIST.
The National Institute of Standards and Technology issued Sept. 30 a draft reference model to help agencies design attribute-based access control systems.
The public-private partnership tasked by the National Institute of Standards and Technology to create an "identity ecosystem" will release a major document later this month.
This fourth round of projects are part of the National Strategy for Trusted Identities in Cyberspace, which is aimed at encouraging adoption of more secure, easy-to-use and interoperable identity credentials for access to various online services.
The National Institute of Standards and Technology is researching the potential of contactless fingerprinting devices that would allow biometric reading simply by showing one's hand rather than placing it directly on a scanner
The National Cybersecurity Center of Excellence is urging utility companies to change decentralized identity management practices at their facilities to shore up a weak link against online attack.
Federal agencies are increasingly engaged in cybersecurity issues and understand they have something to protect, said the White House's cybersecurity czar, but he added that most agencies, like their private-sector counterparts, are not protecting themselves as well as they should.
The National Cybersecurity Center of Excellence is seeking vendor products and technical expertise on three projects that focus on mobile device security, personal identity verification credentials for such devices and access control.