Cyber insurance can protect organizations from losing more than data, but choosing a cyber insurer and policy comes with its own caveats. The purchase decision maker must consider an individual company’s circumstances, such as revenue, risk tolerance, board guidance and regulatory environment relative to protected categories of information. In addition, every purchase decision must be critically reviewed, particularly regarding the extent of coverage exclusions in each policy.
The federal government, building on existing identity management practices, is investigating how it can leverage passports and other state and federally issued ID cards to verify identity in the digital age. The need to validate a citizen’s identity in person and online is only going to grow across platforms, experts say. And absent a secure commercial solution, the government may have to provide verification of identity.
The National Institute of Standards and Technology (NIST) awarded nearly $3.9 million in grants to 21 small businesses to support innovative technology development. Awardees in 16 states will receive Phase I or Phase II funding through NIST’s Small Business Innovation Research (SBIR) program. The innovative products to be developed through the grants aim to solve specific technology challenges in collaboration and partnership, data and modeling, precision measurements, and systems. Phase I awardees receive up to $100,000 to establish the merit, feasibility and commercial potential of the proposed research and development.
Better cooperation and enhanced information sharing between the government and industry will go a long way toward safeguarding digital networks and building up the work force needed to protect the information infrastructure. These are some of the recommendations offered by the nonpartisan Commission on Enhancing National Cybersecurity in its much-anticipated report released this month.
Do you work for a cyber company with federal government contracts? If so, hold onto your hat, because $210 billion in government information technology contracts will expire this year and be re-competed.
Calling all codebreakers. The National Institute of Standards and Technology, or NIST, needs the public's help to head off what officials say is a looming threat to information security: quantum computers.
It is believed that futuristic quantum computers significantly will outperform the supercomputers of today, an advancement that potentially could break encryption codes used to protect privacy in digital systems. The agency needs methods and strategies from the world’s cryptographers.
Coming on the heels of Virginia's big push to reduce the number of commuters last week on area roads with Virginia Telework Week, the National Institute of Standards and Technology (NIST) is updating guidance to include the latest technology available to strengthen remote-access data security, especially as the number of teleworkers trends upward.
OK, your New Year’s resolutions are probably distant memories, but resolutions to improve agency IT security should be yearlong endeavors. Before gearing up to move forward with implementing new fiscal year 2016 IT initiatives, it is a best practice to conduct a security audit to establish a baseline and serve as a comparison to start thinking about how the agency’s infrastructure and applications should change, and what impact that will have on IT security throughout the year.
It’s critical to maintain a consistent focus on security all year long. Security strategies, plans and tactics must be established and shared so that IT security teams are on the same page for the defensive endeavor.
The National Institute of Standards and Technology (NIST) has created a robotic arm that is being used to measure the properties of antennas rapidly and accurately. The robot, formally named the Configurable Robotic Millimeter-Wave Antenna facility, may be the ultimate innovation, extending measurements to higher frequencies while characterizing antennas faster and more easily than previous NIST facilities.
The National Institute of Standards and Technology (NIST) published Friday its final guidelines for federal agencies to follow when they provide controlled unclassified information for use on nonfederal systems, such as information on systems used by contractors or universities that work with the government.
The guidance aims to ensure sensitive information remains confidential. The government established the controlled unclassified information (CUI) program to standardize how the executive branch handles unclassified information requiring protection, such as personally identifiable information.
The U.S. government-backed cybersecurity framework for the nation’s federal agencies and critical infrastructure sector—released one year ago today—has received a general thumbs up of approval from industry experts. The structured guideline, presented by the Department of Commerce’s National Institute of Standards and Technology (NIST), is proving a successful advent toward a better understanding of cyber risks and organizations’ vulnerabilities, and the development of security programs to protect networks.
Cyberspace has security problems, and the U.S. government is trying to do something about it. The National Strategy for Trusted Identities in Cyberspace (NSTIC) is promoting a plan and taking actions to move citizens beyond usernames and passwords to more powerful methods of authentication. In recent years, massive data theft has occurred in the cyber realm. Even strong passwords are vulnerable to hackers.
The National Institute of Standards and Technology (NIST) has released the initial public draft of the first revision of the Guide for Conducting Risk Assessments (Special Publication 800-30). This revision shifts the focus of the guidelines from management to assessment, and NIST Special Publication 800-39 now replaces Special Publication 800-30 as the authoritative source of comprehensive risk management guidance.
|A U.S. paratrooper uses a handheld identity detection device to scan an Afghan man's iris while on patrol in Afghanistan's Ghazni province.|
|Patrick Grother is a computer scientist with the NIST Information Technology Laboratory, in charge of the biometric portion of the FIPS 201 update.|