Scientific and technical research at the National Institute of Standards and Technology would get a nearly $30 million boost under the White House's spending proposal for the coming fiscal year.
The so-called " building block " is intended to provide an example of a cybersecurity implementation that a variety of sectors can use. The center, part of the National Institute of Standards and Technology, has also proposed building blocks for continuous monitoring and trusted geolocation.
The healthcare industry could greatly benefit from innovations in digital identity, said Jeremy Grant, senior executive advisor for identity management at the National Institute of Standards and Technology. Rather than create a one-off solution specific to healthcare, the industry can leverage other work being done to support the National Strategy for Trusted Identities in Cyberspace.
A Homeland Security Department official said the department sees small and medium businesses as a key community for adoption of the cybersecurity framework released earlier this month. DHS released a request for information seeking feedback on the cybersecurity industry's capability to provide "broadly scalable cyber security solutions at an affordable cost" to small and medium businesses.
Making good on a November promise to review its cryptographic standards development process and subject it to public comment, the National Institute of Standards and Technology released Wednesday proposed internal guidance that would bind it to being transparent, open and impartial.
The cybersecurity framework released earlier this month by the National Institute of Standards and Technology has the potential to change federal agencies' approach to cybersecurity as well as that of the original intended audience of private sector critical infrastructure companies, said a NIST official. The framework outlines a maturity model of four tiers against which adoptees can benchmark the sophistication of their cybersecurity program.
Now that the cybersecurity framework is out, the National Institute of Standards and Technology says a next step will be to map the alignment of its remaining library of cybersecurity guidance documents to practices called for in the voluntary guidance document.
Although the National Institute of Standards and Technology backed down from including a dedicated privacy appendix in the newly released critical infrastructure cybersecurity framework, it hasn't given up on the prospect of including privacy controls in future iterations of the framework. In the final version of the framework released Feb. 12 – final only in the sense that it's version 1.0 of what NIST says will be a "living document" – NIST removed an appendix containing privacy controls included in earlier drafts.
The House Homeland Security Committee approved by unanimous voice vote a cybersecurity bill that would codify the Homeland Security Department's role in federal cybersecurity and require it to work with the private sector on securing critical infrastructure.
The National Institute of Standards and Technology sees testing as critical to the formation of an identity ecosystem, as called for in the National Strategy for Trusted Identities in Cyberspace. On Jan. 16, NIST formally announced (.pdf) a federal funding opportunity for a third round of NSTIC pilots.