Through the administration proposed National Network for Manufacturing Innovation, the government can play a role in innovating the way products are manufactured in the United States by getting business to invest in new ideas behind manufcaturing methods, Commerce Secretary Penny Pritzker told a Senate panel Nov. 13.
Hackers wishing to penetrate industrial control systems late at night or on the weekends will find their work mostly unhindered by ICS-CERT response, find Homeland Security Department auditors. In a newly released Oct. 24 report (.pdf) from the DHS office of inspector general, auditors say the ICS-CERT--the DHS organization tasked with analyzing and investigating ICS incidents and vulnerabilities--only has enough personnel to operate 12 hours a day for five days per week.
The National Institute of Standards and Technology will review its cryptographic standards development process and subject it to public comment and a formal review by an independent organization, the agency announced Nov. 1. In addition, Computer Security Division Chief Donna Dodson wrote that NIST will examine its existing body of cryptographic work and the procedures used to develop them, promising to address any cases where in retrospect the agency fell short "as quickly as possible."
The preliminary national critical infrastructure cybersecurity framework being developed by the National Institute of Standards and Technology is now officially open for comment following its...
In the draft – NIST SP 800-16 R. 1, second draft, version two (.pdf) – NIST notes that training differs from education, with the latter being led by the National Initiative for Cybersecurity Education. The NICE workforce taxonomy released in 2011 provides a framework for the education of cybersecurity workers, the draft says, whereas this NIST special publication focuses on how all federal workers will ensure government is information is secure.
A slightly-delayed preliminary federal cybersecurity framework detailing cybersecurity standards meant for voluntary adoption by private sector operators of critical infrastructure that the National Institute of Standards and Technology released Tuesday still leaves unanswered questions about how adoption will be measured.
The National Institute of Standards today release a much anticipated, slightly delayed preliminary draft (.pdf) of the cybersecurity framework meant for voluntary adoption by private sector operators of critical infrastructure.
The Federal Cloud Credential Exchange will reduce the complexity of credentialing, speed up integration with identity providers, improve consumer privacy and ease of use, and cut agency authentication costs, said Douglas Glair, manager of digital partnerships and alliances at the Postal Service, during a recent presentation. The FCCX will serve as a single broker to authenticate consumers, so end-users won't have to obtain a new credential each time they interact with an agency application, he added.
The Oct. 10 deadline for the National Institute of Standards and Technology to issue a preliminary cybersecurity framework for private sector operators of critical infrastructure came and went without action, due to the ongoing government shutdown.
Generating and interacting with data in the cloud requires security capabilities dependent on the cryptographic keys--but managing these keys is complex in a cloud environment, says the National Institute of Standards and Technology in a recently published interagency report.