Home > Events


Events & Appearances

NccoE at Cloud Identity Summit 2014

Nate Lesser, deputy director of the NCCoE, will give a talk on the NCCoE's Attribute Based Access Control building block and identity management use cases at the Cloud Identity Summit, taking place in Monterey, Ca. from July 19-22, 2014.

NccoE at UTC Telecom 2014

The NCCoE's Nate Lesser will participate in a panel titled "Here to Help: U.S. Government Cybersecurity Resources for Utilities" at the UTC Telecom 2014 conference on May 7, 2014, in Phoenix, Az.

NccoE at FS-ISAC and BITS Annual Summit

Learn about the use cases in the NCCoE project "Securing Assets for the Financial Services Sector," from deputy director Nate Lesser at the FS-ISAC Spring Summit 2014 on May 6, 2014, in Amelia Island, Fl.

NccoE at Cyber and Information Security Research Conference

On April 10, 2014, Nate Lesser, deputy director of the NCCoE, will give a talk on public-private partnerships and cybersecurity at the 9th Cyber and Information Security Research Conference in Oak Ridge, Tn.

State and Local Government Cybersecurity Framework Kickoff

See the agenda (PDF).

Read ahead material

Because the agenda covers a great deal of material, we suggest you read this background information from the participating organizations in advance.

State and local CIOs and CISOs are invited to the National Cybersecurity Center of Excellence to learn about resources for the implementation of the Framework for Improving Critical Infrastructure Cybersecurity, Executive Order 13636. The Framework provides a structure that state and local governments can use to create, guide, assess or improve comprehensive cybersecurity programs.

The National Institute of Standards and Technology (NIST) released version 1.0 of the Framework on February 12, 2014. The release of the Framework marks the beginning of several areas of follow-on work to develop tools to help state and local governments implement the Framework, integrating and leveraging existing cyber efforts. The goal of this meeting is to lay out a plan of work for organizations assisting state and local government information officers and prioritize tasks for the coming year.

Join us at the NCCoE:

Thursday, March 27, 2014
8:00 a.m. to 12:30 p.m.

9600 Gudelsky Drive
Rockville, MD  20850

This event, which will also be available as a webinar, will include information about

Registration has closed.

Health Care Information Security Forum at NCCoE

The Maryland Department of Business and Economic Development will host a forum for health IT businesses on Wednesday, March 26, 2014, from 1 p.m. to 3:30 p.m. at the NCCoE, 9600 Gudelsky Dr., Rockville, MD 20853.

Attendance is limited. Register soon.

NCCoE at CIO Energy Summit

On Thursday, March 20, 2014, NCCoE deputy director Nate Lesser will participate in a panel titled, "Securing the Digital Modernization of the Oil and Gas Industry" at the CIO Energy Summit in Houston, Tx.

Under Secretary of Commerce and NIST Director at RSA 2014

Tomorrow, February 25, 2014, meet Under Secretary of Commerce and NIST Director Patrick Gallagher at the CyberMaryland booth #200, and at the NIST-NCCoE booth #108 at 3:15 p.m.

Trusted Geolocation Demos at Cybersecurity Innovation Forum

At this week’s Cybersecurity Innovation Forum in Baltimore, Md., NCCoE's Mike Bartock will demonstrate the Trusted Geolocation in the Cloud Building Block on Tuesday, January 28 and Wednesday, January 29, 2014 at 10:30 a.m. in booth #601. Businesses can use this capability to determine the approximate physical location of cloud computing servers and thereby monitor and control their workloads, anticipate and mitigate risks, and reduce their exposure to data leakage.

NCCoE Sponsors 2014 Cybersecurity Innovation Forum

The NCCoE is sponsoring the 2014 Cybersecurity Innovation Forum, to be held January 28-30, 2014, at the Baltimore Convention Center in Baltimore, Md. The goal of the forum is to identify a roadmap for active cyber defense through integrating trusted computing, information sharing and security automation technologies. Keynote speakers include Goldman Sachs Managing Director and Chief Information Risk Officer Phil Venables, Special Assistant to the President and Cybersecurity Coordinator Michael Daniels, and Chief Information Security Officer for the County of Los Angeles Robert Pittman. Other keynotes will cover industry views of the security threat, the Presidential Policy Directive on Critical Infrastructure Security and Resilience (PPD 21), impacts of PPD 21 and Executive Order 13636 on improving the cybersecurity of critical infrastructure, and the U.S. government’s collaboration with industry to secure our nation’s cybersecurity. The forum offers four tracks: Trusted Computing, Security Automation, Information Sharing, and Research.

At the forum on Tuesday, January 28 at 3:30 p.m., NCCoE deputy director Nate Lesser will give a talk titled "The NCCoE: Increasing the deployment and use of standards-based security technology" in Room 328-329

At the forum on Wednesday, January 29 at 9:30 a.m., NCCoE executive director Donna Dodson will participate in the panel discussion "USG – Working cooperatively to cybersecure our nation” in Ballroom I & II.

Meet other staff members from NCCoE and the NIST Information Technology Laboratory at our booth, #601.


The NCCoE will host an Industry Day on January 8, 2014 from 9:00 am to 3:00 pm for parties interested in the proposed Federally Funded Research and Development Center (FFRDC), which has been the subject of three Federal Register notices to date. Industry Day will engage vendors and federal employees in a discussion about the proposed requirement, the NCCoE and the forthcoming draft request for proposals (RFP) for the requirement.

See FedBizOpps.gov for the official NIST/NCCoE Industry Day notice.

The Industry Day will be held at:

The Universities at Shady Grove
Building I Auditorium
9630 Gudelsky Drive
Rockville, MD  20850

This is a free event. To register, visit https://www.ibbr.umd.edu/NCCoEFFRDCIndustry.

Due to space constraints, NIST has placed a limit on attendees of two individuals per organization. 

Registration deadline is January 6, 2014 at 5 pm.

9:00 am – 12:00 pm

  • “NCCoE 101”
  • Discussion of acquisition process for the FFRDC requirement

12:00 pm – 1:30 pm

  • Lunch break (Neither food nor beverages will be provided by NIST)

1:30 pm – 3:00 pm

  • Questions and answers

NOTE: This is NOT a "bidder's conference" and this announcement is not a request for proposal, a promise to contract or a commitment of any kind. The Government will not assume liability for costs incurred by any vendor for travel, marketing efforts or data offered for examination. Therefore, the cost of preparing information in response to this notice is not considered an allowable direct or indirect charge to the Government. 

NCCoE at RSA Archer GRC Roadshow

The NCCoE's Michael Bartock and Jeff Cichonski will discuss the security challenges highlighted in the NIST report, "Trusted Geolocation in the Cloud: Proof of Concept Implementation" (IR 7904) at the RSA Archer GRC Roadshow in McLean, Va. on December 5, 2013 at 10:45 am. Trusted Geolocation in the Cloud is one of NCCoE's Building Blocks, which address cybersecurity issues that affect multiple industry sectors.

NCCoE Workshop on Software Asset Management

December 5, 2013
9 am - 3 pm

9600 Gudelsky Drive
Rockville, MD 20850

This workshop will review and conduct a deep dive into the Continuous Monitoring Software Asset Management (SAM) Building Block. The building block proposes techniques for meeting SAM challenges. SAM, as envisioned in this building block, requires a standardized approach that provides an integrated view of software throughout its lifecycle. Such an approach must support the following capabilities:

  1. Authorization and verification of software installation media  
  2. Software execution authorization 
  3. Publication of installed software inventory 
  4. Software inventory-based network access control 

The NCCoE and NIST Computer Security Division, in collaboration with Department of Homeland Security, General Services Administration, and National Security Agency, have developed a proposed building block. The authors encourage you to review the document prior to the workshop to facilitate building block discussion and the exchange of ideas.


This workshop is oriented to security researchers, security practitioners, system integrators, and other parties interested in developing solutions that address the following challenges: 

  • Verifying the identity of the software publisher providing installation media
  • Verifying that installation media is authentic and hasn’t been tampered with
  • Determining what software is installed and in use on a given endpoint device including legacy and end-of-life products
  • By process of elimination, determining software that is installed on an endpoint device that was not deployed using authorized mechanisms
  • Restricting execution of software that was not installed using authorized mechanisms. 
  • Identifying the presence of software flaws in installed software
  • Determining if patches are installed on an endpoint device or if additional patches need to be deployed to remedy software flaws


9:00-9:45 am
Overview of the National Cybersecurity Center of Excellence

9:45-10:15 am
Building Block overview and business drivers

Building Block deep dive

Noon–1:30 pm
Lunch on your own

1:30–3:00 pm
Q/A and next steps

To confirm your attendance at this workshop send an email with your name, title, and organization to nccoe_events@nist.gov

Please download and review the building block document prior to the workshop.

Whether or not you attend the workshop, we welcome your comments. Send your feedback regarding this building block to conmon-nccoe@nist.gov.

State and County Rollout cyber tax credit

On November 25, 2013 from 7:30 - 9:30 am representatives from the state of Maryland and Montgomery County will visit the NCCoE to showcase resources for cybersecurity companies in Maryland. The centerpieces are the new Maryland cybersecurity investment incentive tax credit and the Montgomery County supplement. Tim McBride will give an overview of NCCoE (PDF). To register for this event, RSVP to Bernadette.Goovaerts@MontgomeryCountyMD.gov.

NCCOE at Information Security Financial Sector Conference

At the upcoming Information Security Financial Sector conference in London, NCCoE deputy director Nate Lesser will discuss the center's newest project focused on the financial services sector. Look for him there on November 19, 2013 at 2:45 pm. Nate will also participate in networking sessions during the conference.

NCCOE at Cyber Security Summit 2013

On October 22, 2013 at 1:30 pm, NCCoE deputy director Nate Lesser will discuss the center's approach to health IT use cases in the session "Healthcare - Security Framework and Solutions" at the Cyber Security Summit 2013 in Minneapolis, Mn.

Jonathan Margulies on Panel at Security B-sides DC

NCCoE project manager Jonathan Margulies will participate in the panel, “Critical Infrastructure and Key Resources,” on October 20, 2013 at the Security B-Sides conference in Washington, DC.

Curt Barker to Present at Cyber Security and Critical Infrastructure Protection conference

Curt Barker, a chief cybersecurity advisor to NCCoE, will speak on “Facilitating Critical Infrastructure Adoption of Emerging Cybersecurity Technologies”on September 18, 2013 at the Cyber Security and Critical Infrastructure Protection conference in Arlington, Va.

Mike Bartock and Nate Lesser to Present at Software/Supply Chain Assurance Forum

NCCoE staff members will present a demo and talk titled “The NCCoE and Trusted Geolocation in the Cloud - A Case Study,” on September 18, 2013 at the Software/Supply Chain Assurance Forum in McLean, Va.

Curt Barker at the Business Council for International Understanding

The NCCoE’s chief cybersecurity advisor, Curt Barker, will address matching standards and commercially-available components to real-world business problems in order to accelerate adoption of security platforms and increase business opportunities through public trust in electronic commerce in an address to the Business Council for International Understanding on September 17, 2013 in Washington, DC.

Jonathan Margulies at EnergySec

NCCoE project manager Jonathan Margulies will attend the EnergySec 9th Annual Security Summit from September 17-19, 2013 in Denver, Co. Stop by the NCCoE table to learn more about our energy sector use cases.

NCCoE Hosts Attribute Based Access Control Workshop

A workshop based on NIST Special Publication 800-162, "Guide to Attribute Based Access Control (ABAC) Definition and Considerations," will be held at the NCCoE on July 17, 2013.

Gavin O'Brien at Healthcare Data Analytics

Gavin O'Brien, our Health IT project lead, will speak at the Healthcare Data Analytics meeting on July 9, 2013, in Washington, D.C.

Gavin O'Brien to present at Telemedicine Policy Summit

Gavin O'Brien, who heads up our Health IT project, will speak June 27, 2013 at the American Telemedicine Association Federal Telemedicine Policy Summit in Washington, D.C.

Gavin O'Brien will Speak at Data Science Maryland

Gavin O'Brien, the project manager leading NCCoE's Health IT project, will speak at the Data Science MD meeting titled "Discovering and Securing the Data" on Tuesday, June 18, 2013 at 6:30 pm. Gavin will talk about the NCCoE's process and the status of the Mobile Devices Use Case.

Jonathan Margulies at I3P Conference

Jonathan Margulies, who leads NCCoE's efforts in the energy sector, visited Oak Ridge National Lab on Tuesday, June 11, 2013 to introduce the center's work to a meeting of the Institute for Information Infrastructure Protection (I3P).

Nate Lesser to Speak at HIPAA Security Conference

NCCoE Deputy Director Nate Lesser will speak at "Safeguarding Health Information: Building Assurance through HIPAA Security - 2013" on Wednesday, May 22 at 2:30 pm. His talk title is "Health IT and the National Cybersecurity Center of Excellence." For more information, visit the conference website.

Nate Lesser to Speak at FS-ISAC & BITS Annual Summit 2013

NCCoE Deputy Director Nate Lesser and other staff members of the NCCoE will attend the upcoming FS-ISAC & BITS Annual Summit from April 28 to May 1 in Ponte Vedra Beach, FL. Nate will serve on the Public-Private Information Sharing Challenge panel on Tuesday, April 30 from 11:30 am to 12:30 pm. The session will combine government and industry perspectives on the role of government in information sharing with financial sector institutions. The goal is to enhance two-way information sharing that will improve the cyber security posture of the sector. More information is available on the summit's website.

Health IT Mobile Device Use Case Meeting

  • April 17, 2013
  • A meeting to
    • Educate participating companies about their collaboration with us
    • Familiarize them with the problem statement and the scope of work
    • Help the companies self-identify the components they plan to bring

Celebrate Our Partners: Signing Ceremony

  • April 15, 2013 at 2:30 pm
  • Join us to celebrate our collaborations with Intel, Hytrust, McAfee, Cisco, Splunk, RSA, Symantec, Hewlett-Packard, Microsoft, Vanguard and Venafi in the National Cybersecurity Excellence Partnership.
  • In addition to NIST Director Patrick Gallagher, confirmed speakers are:
    • U.S. Senator Barbara Mikulski
    • Maryland Governor Martin O'Malley
    • Montgomery County Executive Ike Leggett
    • National Security Agency Director General Keith Alexander
  • To register, visit http://www.ibbr.umd.edu/NCCoENCEP


RSA 2013

Visit us at booth #250 at the 2013 RSA conference in San Francisco February 25 to March 1, 2013.

  • Dr. Pat Gallagher, director of NIST, will be at the NCCoE booth on Wednesday, February 27 from 4 - 4:30 pm.
  • NCCoE Deputy Director Nate Lesser will be at the CyberMaryland booth #216 to discuss the center, its business process, and the Secure Exchange of Health Information Demonstration Project on Wednesday, February 27, at 2:30 pm.

Visit the NCCoE booth for a Trusted Geolocation in the Cloud technical demonstration:

  • Monday, February 25 from 6:00 pm - 8:00 pm
  • Tuesday, February 26 from 11:00 am - 1:00 pm and 5:00 pm - 6:00 pm
  • Wednesday, February 27 from 11:00 am - 1:00 pm and 4:30 pm - 5:30 pm
  • Thursday, February 28 from 1:30 pm - 3:00 pm

NIST Cyber Security Showcase

  • January 29, 2013
  • 8:30 a.m. to 3:00 p.m

Co-sponsored buy TEDCO, the Maryland Technology Development Corporation. Learn about cybersecurity projects at NIST and opportunities to collaborate. On the agenda:

  • Overview of the National Cyber Security Center of Excellence
  • Overview of the NIST Cloud Computing Security Working Group
  • Opportunities for partnering
  • National Strategy for Trusted Identities in Cyberspace
  • Cybersecurity for electronic medical records, cloud computing, and the Smart Grid

To register, visit http://nistshowcase.eventbrite.com/

Trusted Geolocation in the Cloud Technical Demonstration

  • January 14, 2013
  • This workshop explains selected security challenges involving infrastructure as a service (IaaS) cloud computing technologies and geolocation. It will be a hands-on proof of concept implementation that was designed to address those challenges.

NCCoE Workshop

Footer line image