Blog Posts Tagged with "NIST"
NIST Workshop: The Technical Aspects of Botnets
May 16, 2012 Added by:Infosec Island Admin
NIST seeks to engage all stakeholders to identify the available and needed technologies and tools to recognize, prevent, and remediate botnets; explore current and future efforts to develop botnet metrics and methodologies for measuring and reporting botnet metrics over time...
Comments (0)
ICS-CERT: Risk Management for the Electricity Sector
May 14, 2012 Added by:Infosec Island Admin
The DOE collaborated with the NIST and NERC to release a second draft of the Electricity Sector Cybersecurity Risk Management Process guideline, designed with the idea that cybersecurity risk management should be driven by the business needs of the company...
Comments (0)
NIST: Secure Biometric Acquisition with Web Services
May 04, 2012 Added by:Headlines
Researchers at the NIST have developed a new protocol for communicating with biometric sensors over wired and wireless networks, called WS-Biometric Devices (WS-BD), allows desktops, laptops, tablets and smartphones to access sensors that capture biometric data using web services...
Comments (0)
Online Tool Assesses Intellectual Property Awareness
April 06, 2012 Added by:Infosec Island Admin
The NIST and the USPTO have teamed up to create new online tool to help small companies and entrepreneurs evaluate their awareness of intellectual property, trade secrets, company data and more - and learn how to protect it...
Comments (0)
NIST Workshop on SCADA - ICS Security
April 05, 2012 Added by:Headlines
Securing against unlawful and malicious attacks is especially vital when the computers control major physical systems—manufacturing plants, transportation systems, power grids. Cybersecurity for physical systems is the topic of an upcoming NIST workshop...
Comments (0)
NIST: Technical Guidance for Evaluating Electronic Health Records
April 03, 2012 Added by:Infosec Island Admin
“This guidance can be a useful tool for EHR developers to demonstrate that their systems don’t lead to use errors... It will provide a way for developers and evaluators to objectively assess how easy their EHR systems are to learn and operate, while maximizing efficiency...”
Comments (0)
NIST Steering Group to Support Trusted Identities in Cyberspace
March 15, 2012 Added by:Infosec Island Admin
"The committee will guide creation of an ‘Identity Ecosystem’ in which businesses and individuals can have more confidence in the security and privacy of their online transactions. The committee will also be responsible for identifying resources that will support the effort..."
Comments (0)
NIST Draft Addresses Security Threats and Privacy Controls
March 07, 2012 Added by:David Navetta
NIST notes that many of the changes were driven by particular security issues and challenges requiring greater attention including, insider threats, mobile and cloud computing, application security, firmware integrity, supply chain risk, and advanced persistent threats...
Comments (0)
Encryption Key Management Primer – Requirement 3.6
February 23, 2012 Added by:PCI Guru
Requirement 3.6.4 always seems to be a sticking point because people get caught up in the key expiration concept. The thing to remember is that whether or not a key expires is typically related to the encryption algorithm such as for those using public key infrastructure...
Comments (0)
NIST Pursues Health Record System Usability Testing
February 22, 2012 Added by:Infosec Island Admin
The National Institute of Standards and Technology (NIST) seeks manufacturers of electronic health record (EHR) systems to participate in a research effort to develop methods for assessing the usability of health information systems...
Comments (0)
NIST Cybersecurity for Cyber-Physical Systems Workshop
February 14, 2012 Added by:Infosec Island Admin
The NIST ITL Computer Security Division will host a two-day workshop about the cyber security needed for cyber-physical systems (CPSs), with a focus on results of research and real-world deployment experiences...
Comments (0)
NIST Hosts Federal Infosec Educators Conference
February 13, 2012 Added by:Headlines
FISSEA is responsible for promoting cybersecurity awareness, training and education. The annual meeting is geared toward both new and seasoned security officers, IT managers, information security educators and researchers, cybersecurity trainers and teachers...
Comments (0)
NIST Finalized Guidelines for Security in the Cloud
February 13, 2012 Added by:David Navetta
According to NIST, SP 800-144 is geared for those involved in cloud computing initiatives; security personnel responsible for security and privacy measures for cloud computing; system and network administrators; and users of public cloud computing services...
Comments (0)
Incident Response and Risk Management Go Hand in Hand
February 13, 2012 Added by:Neira Jones
Residual risk is inevitable, so incident response becomes a crucial part of managing it. As the risk assessment identifies the assets critical to a business - threats, vulnerabilities and controls - so should the incident response plan concentrate on critical assets...
Comments (0)
NIST Seeks Proposals to Improve Trust in Cyberspace
February 10, 2012 Added by:Headlines
The National Institute of Standards and Technology (NIST) launched a competition for pilot projects to accelerate progress toward improved systems for interoperable, trusted online credentials that go beyond simple user IDs and passwords...
Comments (0)
Encryption: On Hashing Basics
February 09, 2012 Added by:PCI Guru
Never store the obscured value along with the truncated value. Always separate the two values and also implement security on the obscured value so that people cannot readily get the obscured value and the truncated value together without oversight and management approval...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR