IN THIS ISSUE

• NIST PUBLISHES THE NICE CYBERSECURITY WORKFORCE FRAMEWORK: CATEGORIZING AND DESCRIBING CYBERSECURITY WORK FOR THE NATION
• ITL RESEARCHERS RELEASE SOFTWARE TO BRING ALGORITHMS TO DATA IN THE CLOUD
• SCIENTISTS AUTOMATE KEY STEP IN FORENSIC FINGERPRINT ANALYSIS
• INDUSTRIAL CONTROL SYSTEMS CYBERSECURITY
• STAFF RECOGNITION
• SELECTED NEW PUBLICATIONS
• CONFERENCE CALENDAR

NIST PUBLISHES THE NICE CYBERSECURITY WORKFORCE FRAMEWORK: CATEGORIZING AND DESCRIBING CYBERSECURITY WORK FOR THE NATION

ITL's National Initiative for Cybersecurity Education (NICE) recently released NIST Special Publication 800-181, the NICE Cybersecurity Workforce Framework. The publication serves as a fundamental reference to support a workforce capable of meeting an organization’s cybersecurity needs. It provides organizations with a common, consistent lexicon that categorizes and describes cybersecurity work by Category, Specialty Area, and Work Role. The publication is a resource from which organizations or sectors can develop additional publications or tools that meet their needs to define or provide guidance on different aspects of workforce development, planning, training, and education. 

Read More

ITL RESEARCHERS RELEASE SOFTWARE TO BRING ALGORITHMS TO DATA IN THE CLOUD

In today’s cloud computing world, a major effort is made to efficiently bring algorithms to the data. While this allows for a simplified ingest of data using specialized algorithms, little is done to prevent the exfiltration (or data leakage) of the information contained in the data, which may be troublesome in the cases where the data contains Personal Identifying Information (PII) or other sensitive information. In many scenarios, such as medical modeling or computer vision technologies, this algorithm-to-data paradigm is avoided altogether due to the potential sensitivity of the data.  Read More

SCIENTISTS AUTOMATE KEY STEP IN FORENSIC FINGERPRINT ANALYSIS

Scientists have been working to reduce the opportunities for human error in fingerprint analysis. Recently, scientists from the National Institute of Standards and Technology (NIST) and Michigan State University (link is external) report that they have developed an algorithm that automates a key step in the fingerprint analysis process.  Read More

INDUSTRIAL CONTROL SYSTEMS CYBERSECURITY

Despite the threats of cyberattack on computer-controlled industrial systems, utilities and other users of these systems can be hesitant to adopt common security technologies out of concern for their impact on system performance. NIST developed a guide to help industry understand and implement cybersecurity approaches to protect them from these threats. Read More

Donna Dodson

Congratulations to Donna Dodson, NIST Chief Cybersecurity Advisor, on being named a NIST Fellow, the highest scientific and technical position at NIST.

David Ferraiolo

Congratulations to David Ferraiolo, Computer Security Division, on receiving the 2018 IEEE Innovation Award in Societal Infrastructure Award, for advancing the foundations and practice of information security through creation, development, and technology transfer of role-based access control (RBAC).

Richard Kuhn

Congratulations to Richard Kuhn, Computer Security Division, on receiving the 2018 IEEE Innovation Award in Societal Infrastructure Award, for advancing the foundations and practice of information security through creation, development, and technology transfer of role-based access control (RBAC).

An Introduction to Information Security (NIST Special Publication 800-12rev1)

Organizations rely heavily on the use of information technology (IT) products and services to run their day-to-day activities. Ensuring the security of these products and services is of the utmost importance for the success of the organization. This publication introduces the information security principles organizations may leverage to understand the information security needs of their respective systems.

Automation Support for Security Control Assessments (NISTIR 8011, Volume 1: Overview)

Volume 1 introduces concepts to support automated assessment of most of the security controls in NIST Special Publication (SP) 800-53. Referencing SP 800-53A, the controls are divided into more granular parts (determination statements) to be assessed.

Automation Support for Security Control Assessments (NISTIR 8011, Volume 2: Hardware Asset Management)

Volume 2 addresses the Hardware Asset Management (HWAM) information security capability. The focus of the HWAM capability is to manage risk created by unmanaged devices on a network. Unmanaged devices are targets that attackers can use to gain and more easily maintain a persistent platform from which to attack the rest of the network.

Evaluation Infrastructure for the Measurement of Content-based Video Quality and Video Analytics Performance (NISTIR 8187)

This report describes a novel framework for evaluation of video analytics which uses video quality metric prediction as a measurement of the system performance. This system is used to improve overall video analytics system performance.

Incident Scenarios Collection for Public Safety Communications: Framing the Context of Use (NISTIR 8181)

A project goal for NIST's Public Safety Communications Research (PSCR) Usability Team is to develop use cases to test and evaluate of new and emerging public safety communications technologies. This document presents a set of public-safety incident scenarios collected from fire, emergency medical services, and law enforcement domains.

Subscribe / Unsubscribe