GAITHERSBURG, Md. – Privacy as a field lacks the precision of cybersecurity, leaving a gap when it comes to implementing specific protective measures, federal officials said today during a workshop at the National Institute of Standards and Technology.
Private sector cloud computing providers will have a changed set of security controls to adhere to when selling to federal agencies starting later this summer.
A review of the buildings that withstood the deadly 2011 tornado in Joplin, Mo., and those that collapsed has led the National Institute of Standards and Technology to recommend new building code standards. Safe rooms, storm shelters and nuclear power plants have tornado-resistant design standards, but no such standards exist for ordinary buildings.
The National Institute of Standards and Technology doesn't take into account service demand when it issues funds to Manufacturing Extension Partnership centers. That leaves some centers short when demand is high, a March 27 Government Accountability Office report says.
State and local operators of critical infrastructure won't get a dedicated grant program to foster adoption of a cybersecurity framework the government released earlier this year – not unless Congress approves legislation allowing it, said a Homeland Security Department official.
The Defense Department's mobility pilot is now well underway, but as the department allows non-BlackBerry devices to connect to its network, it faces several previously unforeseen challenges, said DoD Chief Information Officer Teri Takai. Non-customized consumer devices present problems in terms of credentialing and pre-loaded applications, said Takai at a March 26 event hosted by the National Institute of Standards and Technology.
An effort to align defense and federal civilian cybersecurity guidance culminated this month with the Defense Department jettisoning its specialized certification and accreditation process.The change is an expected one that grew in likelihood as the DoD and NIST actively sought over the past few years through a joint task force common ground in their cybersecurity guidance documents.
An Obama administration effort to replace online passwords with an "identity ecosystem" led by the National Institute of Standards and Technology would receive $24.5 million under the White House budget proposal for the coming fiscal year.
A new generation of smart systems that network previously stand-alone devices – such as your thermostat – also bring the potential for dramatic new cyber attacks, says the National Institute for Standards and Technology. In newly released details of the agency's budget proposal for the coming year, NIST says it needs $18.8 million to study "cyber-physical systems," with $5 million of that dedicated to improving their security.
What's worked for laptops and desktops won't work for mobile devices when it comes to verifying users' identity, says the National Institute of Standards and Technology. Enter what NIST calls a "derived credential," a way of taking the identity verification and encryption key infrastructure built up since 2004 for the identity smartcards and applying it to mobile devices.