Nate Lesser, deputy director of the NCCoE, will give a talk on public-private partnerships and cybersecurity at the 9th Cyber and Information Security Research Conference, to take place April 8-10, 2014, in Oak Ridge, Tn.
State and local CIOs and CISOs are invited to the National Cybersecurity Center of Excellence to learn about resources for the implementation of the Framework for Improving Critical Infrastructure Cybersecurity, Executive Order 13636. The Framework provides a structure that state and local governments can use to create, guide, assess or improve comprehensive cybersecurity programs.
The National Institute of Standards and Technology (NIST) released version 1.0 of the Framework on February 12, 2014. The release of the Framework marks the beginning of several areas of follow-on work to develop tools to help state and local governments implement the Framework, integrating and leveraging existing cyber efforts. The goal of this meeting is to lay out a plan of work for organizations assisting state and local government information officers and prioritize tasks for the coming year.
Join us at the NCCoE:
Thursday, March 27, 2014
8:00 a.m. to 12:30 p.m.
9600 Gudelsky Drive
Rockville, MD 20850
This event, which will also be available as a webinar, will include information about
To register, indicate whether you will view the webinar or attend in person, and email your name and affiliation to firstname.lastname@example.org.
On Thursday, March 20, 2014, NCCoE deputy director Nate Lesser will participate in a panel titled, "Securing the Digital Modernization of the Oil and Gas Industry" at the CIO Energy Summit in Houston, Tx.
Tomorrow, February 25, 2014, meet Under Secretary of Commerce and NIST Director Patrick Gallagher at the CyberMaryland booth #200, and at the NIST-NCCoE booth #108 at 3:15 p.m.
At this week’s Cybersecurity Innovation Forum in Baltimore, Md., NCCoE's Mike Bartock will demonstrate the Trusted Geolocation in the Cloud Building Block on Tuesday, January 28 and Wednesday, January 29, 2014 at 10:30 a.m. in booth #601. Businesses can use this capability to determine the approximate physical location of cloud computing servers and thereby monitor and control their workloads, anticipate and mitigate risks, and reduce their exposure to data leakage.
The NCCoE is sponsoring the 2014 Cybersecurity Innovation Forum, to be held January 28-30, 2014, at the Baltimore Convention Center in Baltimore, Md. The goal of the forum is to identify a roadmap for active cyber defense through integrating trusted computing, information sharing and security automation technologies. Keynote speakers include Goldman Sachs Managing Director and Chief Information Risk Officer Phil Venables, Special Assistant to the President and Cybersecurity Coordinator Michael Daniels, and Chief Information Security Officer for the County of Los Angeles Robert Pittman. Other keynotes will cover industry views of the security threat, the Presidential Policy Directive on Critical Infrastructure Security and Resilience (PPD 21), impacts of PPD 21 and Executive Order 13636 on improving the cybersecurity of critical infrastructure, and the U.S. government’s collaboration with industry to secure our nation’s cybersecurity. The forum offers four tracks: Trusted Computing, Security Automation, Information Sharing, and Research.
At the forum on Tuesday, January 28 at 3:30 p.m., NCCoE deputy director Nate Lesser will give a talk titled "The NCCoE: Increasing the deployment and use of standards-based security technology" in Room 328-329
At the forum on Wednesday, January 29 at 9:30 a.m., NCCoE executive director Donna Dodson will participate in the panel discussion "USG – Working cooperatively to cybersecure our nation” in Ballroom I & II.
Meet other staff members from NCCoE and the NIST Information Technology Laboratory at our booth, #601.
The NCCoE will host an Industry Day on January 8, 2014 from 9:00 am to 3:00 pm for parties interested in the proposed Federally Funded Research and Development Center (FFRDC), which has been the subject of three Federal Register notices to date. Industry Day will engage vendors and federal employees in a discussion about the proposed requirement, the NCCoE and the forthcoming draft request for proposals (RFP) for the requirement.
See FedBizOpps.gov for the official NIST/NCCoE Industry Day notice.
The Industry Day will be held at:
The Universities at Shady Grove
Building I Auditorium
9630 Gudelsky Drive
Rockville, MD 20850
This is a free event. To register, visit https://www.ibbr.umd.edu/NCCoEFFRDCIndustry.
Due to space constraints, NIST has placed a limit on attendees of two individuals per organization.
Registration deadline is January 6, 2014 at 5 pm.
9:00 am – 12:00 pm
12:00 pm – 1:30 pm
1:30 pm – 3:00 pm
NOTE: This is NOT a "bidder's conference" and this announcement is not a request for proposal, a promise to contract or a commitment of any kind. The Government will not assume liability for costs incurred by any vendor for travel, marketing efforts or data offered for examination. Therefore, the cost of preparing information in response to this notice is not considered an allowable direct or indirect charge to the Government.
The NCCoE's Michael Bartock and Jeff Cichonski will discuss the security challenges highlighted in the NIST report, "Trusted Geolocation in the Cloud: Proof of Concept Implementation" (IR 7904) at the RSA Archer GRC Roadshow in McLean, Va. on December 5, 2013 at 10:45 am. Trusted Geolocation in the Cloud is one of NCCoE's Building Blocks, which address cybersecurity issues that affect multiple industry sectors.
December 5, 2013
9 am - 3 pm
9600 Gudelsky Drive
Rockville, MD 20850
This workshop will review and conduct a deep dive into the Continuous Monitoring Software Asset Management (SAM) Building Block. The building block proposes techniques for meeting SAM challenges. SAM, as envisioned in this building block, requires a standardized approach that provides an integrated view of software throughout its lifecycle. Such an approach must support the following capabilities:
The NCCoE and NIST Computer Security Division, in collaboration with Department of Homeland Security, General Services Administration, and National Security Agency, have developed a proposed building block. The authors encourage you to review the document prior to the workshop to facilitate building block discussion and the exchange of ideas.
This workshop is oriented to security researchers, security practitioners, system integrators, and other parties interested in developing solutions that address the following challenges:
Overview of the National Cybersecurity Center of Excellence
Building Block overview and business drivers
Building Block deep dive
Lunch on your own
Q/A and next steps
To confirm your attendance at this workshop send an email with your name, title, and organization to email@example.com
Please download and review the building block document prior to the workshop.
Whether or not you attend the workshop, we welcome your comments. Send your feedback regarding this building block to firstname.lastname@example.org.
On November 25, 2013 from 7:30 - 9:30 am representatives from the state of Maryland and Montgomery County will visit the NCCoE to showcase resources for cybersecurity companies in Maryland. The centerpieces are the new Maryland cybersecurity investment incentive tax credit and the Montgomery County supplement. Tim McBride will give an overview of NCCoE (PDF). To register for this event, RSVP to Bernadette.Goovaerts@MontgomeryCountyMD.gov.
At the upcoming Information Security Financial Sector conference in London, NCCoE deputy director Nate Lesser will discuss the center's newest project focused on the financial services sector. Look for him there on November 19, 2013 at 2:45 pm. Nate will also participate in networking sessions during the conference.
On October 22, 2013 at 1:30 pm, NCCoE deputy director Nate Lesser will discuss the center's approach to health IT use cases in the session "Healthcare - Security Framework and Solutions" at the Cyber Security Summit 2013 in Minneapolis, Mn.
NCCoE project manager Jonathan Margulies will participate in the panel, “Critical Infrastructure and Key Resources,” on October 20, 2013 at the Security B-Sides conference in Washington, DC.
Curt Barker, a chief cybersecurity advisor to NCCoE, will speak on “Facilitating Critical Infrastructure Adoption of Emerging Cybersecurity Technologies”on September 18, 2013 at the Cyber Security and Critical Infrastructure Protection conference in Arlington, Va.
NCCoE staff members will present a demo and talk titled “The NCCoE and Trusted Geolocation in the Cloud - A Case Study,” on September 18, 2013 at the Software/Supply Chain Assurance Forum in McLean, Va.
The NCCoE’s chief cybersecurity advisor, Curt Barker, will address matching standards and commercially-available components to real-world business problems in order to accelerate adoption of security platforms and increase business opportunities through public trust in electronic commerce in an address to the Business Council for International Understanding on September 17, 2013 in Washington, DC.
NCCoE project manager Jonathan Margulies will attend the EnergySec 9th Annual Security Summit from September 17-19, 2013 in Denver, Co. Stop by the NCCoE table to learn more about our energy sector use cases.
A workshop based on NIST Special Publication 800-162, "Guide to Attribute Based Access Control (ABAC) Definition and Considerations," will be held at the NCCoE on July 17, 2013.
Gavin O'Brien, our Health IT project lead, will speak at the Healthcare Data Analytics meeting on July 9, 2013, in Washington, D.C.
Gavin O'Brien, who heads up our Health IT project, will speak June 27, 2013 at the American Telemedicine Association Federal Telemedicine Policy Summit in Washington, D.C.
Gavin O'Brien, the project manager leading NCCoE's Health IT project, will speak at the Data Science MD meeting titled "Discovering and Securing the Data" on Tuesday, June 18, 2013 at 6:30 pm. Gavin will talk about the NCCoE's process and the status of the Mobile Devices Use Case.
Jonathan Margulies, who leads NCCoE's efforts in the energy sector, visited Oak Ridge National Lab on Tuesday, June 11, 2013 to introduce the center's work to a meeting of the Institute for Information Infrastructure Protection (I3P).
NCCoE Deputy Director Nate Lesser will speak at "Safeguarding Health Information: Building Assurance through HIPAA Security - 2013" on Wednesday, May 22 at 2:30 pm. His talk title is "Health IT and the National Cybersecurity Center of Excellence." For more information, visit the conference website.
NCCoE Deputy Director Nate Lesser and other staff members of the NCCoE will attend the upcoming FS-ISAC & BITS Annual Summit from April 28 to May 1 in Ponte Vedra Beach, FL. Nate will serve on the Public-Private Information Sharing Challenge panel on Tuesday, April 30 from 11:30 am to 12:30 pm. The session will combine government and industry perspectives on the role of government in information sharing with financial sector institutions. The goal is to enhance two-way information sharing that will improve the cyber security posture of the sector. More information is available on the summit's website.
Visit us at booth #250 at the 2013 RSA conference in San Francisco February 25 to March 1, 2013.
Visit the NCCoE booth for a Trusted Geolocation in the Cloud technical demonstration:
Co-sponsored buy TEDCO, the Maryland Technology Development Corporation. Learn about cybersecurity projects at NIST and opportunities to collaborate. On the agenda:
To register, visit http://nistshowcase.eventbrite.com/