NIST

NIST renews cyber center partnership, launches small business focus

The agency renewed its partnerships that support the National Cybersecurity Center of Excellence and launched the NIST Small Business Cybersecurity Community of Interest.

  • By Kirsten Errick

Do’s and don’ts of data de-identification

Data use standards and purpose-built software can help agencies protect individuals’ privacy while allowing for meaningful statistical analysis, NIST says.

  • By Kaitlyn Levinson

Securing IoT requires government, industry collaboration

As government looks to adopt procurement regulations for internet-connected devices, industry stakeholders are skeptical.

  • By Mariam Baksh

NIST on tap to improve cybersecurity of water systems

The National Institute of Standards and Technology hopes a new project will create a set of best practices to help the nation’s complex water and wastewater systems bolster their cybersecurity posture.

  • By Chris Riotta

NIST offers $1 million for next-gen incident command dashboards

Teams that use advanced technologies to improve the quality, usability and functionality of incident command dashboards for first responders can earn up to $1 million in the Command Dashboard Integrating Next-Gen, or CommanDING, challenge.

  • By Susan Miller

Scrubbing the bias from machine learning systems

Monitoring, testing and evaluating impacts will help limit the systemic, statistical and human biases that affect artificial intelligence systems, according to a new NIST report.

  • By Alexandra Kelley

Is the new secure hash algorithm really necessary?

NIST is about to name the winner of a four-year competition for SHA-3. But one of the finalists questions whether we need it.

  • By William Jackson

Keys to mobile security: Consistent controls, user common sense

GAO report on mobile threats concludes that certain agencies, and all users, can help improve security.

  • By Greg Crowe

Common IT security framework for government gets a step closer

NIST’s new risk assessment guidelines caps planned efforts of a multiagency task force, but federal cybersecurity is just entering its new phase.

  • By William Jackson

Too many agencies asleep at the wheel as IPv6 deadline looms

Just days before the deadline for enabling the next generation of Internet Protocols on web sites, more than half have not yet begun to do so, according to NIST. Meanwhile, the supply of IPv4 addresses continues to run out.

  • By William Jackson

The perils of bad patch management

Known vulnerabilities provide the most frequently attacked targets in commonly used software. NIST offers updated guidance for handling this crucial and challenging chore.

  • By William Jackson

Time to give up on Java?

The zero-day window for the latest Java vulnerability has officially closed, but agencies still have to decide whether the benefits of running Java on their computers outweigh the risks.

  • By William Jackson

The grace period on mobile security is over

As the bad guys turn their attention to mobile devices, the government has begun mapping out security that needs to be incorporated in coming generations of this technology.

  • By William Jackson

How to respond to the inevitable security breach

Incident response has become an integral part of IT security and NIST offers updated guidelines for handling breaches.

  • By William Jackson
Featured eBooks

BIOS' 'privileged position' makes it a target for sophisticated attacks

The Basic Input/Output System that boots a computer could be an attractive target for sophisticated exploits, and the complexity of servers creates specific challenges that NIST addresses in new security guidelines.

  • By William Jackson

Students 3D print a boat from milk jugs -- are jetliners next?

If a student team can build a homemade 3D printer that can produce a boat, the administration's $60 million foray into advanced manufacturing technology could hold promise.

  • By Kevin McCaney

As cyber threats get smarter, prevention must keep pace

NIST offers practical guidance on intrusion detection and prevention systems to help counter the new breed of stealthy, targeted attacks.

  • By William Jackson

Federal ID cards: Iris imaging in, fingerprint swiping out

NIST proposed new options for using iris recognition as an alternative to fingerprints in federal Personal Identity Verification.

  • By William Jackson

Like it or not, password management is a must

As more of our life moves online we still are looking for an identity management scheme that is practical, secure and scalable. Don't hold your breath.

  • By William Jackson

State not following NIST cloud guidelines, IG report says

State's Systems and Integration Office has made a strong effort to promulgate a mission statement and a set of goals, but lacks adequate controls and procedures to monitor its multi-year contracts, IG report says.

  • By GCN Staff

PIV card specs to account for mobile, other new factors

Proposed changes in FIPS 201 reflect changes in the technology and environment in which the federal PIV cards for government workers and contractors are used.

  • By William Jackson