NIST offers $1 million for next-gen incident command dashboards

Teams that use advanced technologies to improve the quality, usability and functionality of incident command dashboards for first responders can earn up to $1 million in the Command Dashboard Integrating Next-Gen, or CommanDING, challenge.

Scrubbing the bias from machine learning systems

Monitoring, testing and evaluating impacts will help limit the systemic, statistical and human biases that affect artificial intelligence systems, according to a new NIST report.

Is the new secure hash algorithm really necessary?

NIST is about to name the winner of a four-year competition for SHA-3. But one of the finalists questions whether we need it.

Keys to mobile security: Consistent controls, user common sense

GAO report on mobile threats concludes that certain agencies, and all users, can help improve security.

Common IT security framework for government gets a step closer

NIST’s new risk assessment guidelines caps planned efforts of a multiagency task force, but federal cybersecurity is just entering its new phase.

Too many agencies asleep at the wheel as IPv6 deadline looms

Just days before the deadline for enabling the next generation of Internet Protocols on web sites, more than half have not yet begun to do so, according to NIST. Meanwhile, the supply of IPv4 addresses continues to run out.

The perils of bad patch management

Known vulnerabilities provide the most frequently attacked targets in commonly used software. NIST offers updated guidance for handling this crucial and challenging chore.

Time to give up on Java?

The zero-day window for the latest Java vulnerability has officially closed, but agencies still have to decide whether the benefits of running Java on their computers outweigh the risks.

The grace period on mobile security is over

As the bad guys turn their attention to mobile devices, the government has begun mapping out security that needs to be incorporated in coming generations of this technology.

How to respond to the inevitable security breach

Incident response has become an integral part of IT security and NIST offers updated guidelines for handling breaches.

BIOS' 'privileged position' makes it a target for sophisticated attacks

The Basic Input/Output System that boots a computer could be an attractive target for sophisticated exploits, and the complexity of servers creates specific challenges that NIST addresses in new security guidelines.

Students 3D print a boat from milk jugs -- are jetliners next?

If a student team can build a homemade 3D printer that can produce a boat, the administration's $60 million foray into advanced manufacturing technology could hold promise.

As cyber threats get smarter, prevention must keep pace

NIST offers practical guidance on intrusion detection and prevention systems to help counter the new breed of stealthy, targeted attacks.

Federal ID cards: Iris imaging in, fingerprint swiping out

NIST proposed new options for using iris recognition as an alternative to fingerprints in federal Personal Identity Verification.

Like it or not, password management is a must

As more of our life moves online we still are looking for an identity management scheme that is practical, secure and scalable. Don't hold your breath.

State not following NIST cloud guidelines, IG report says

State's Systems and Integration Office has made a strong effort to promulgate a mission statement and a set of goals, but lacks adequate controls and procedures to monitor its multi-year contracts, IG report says.

PIV card specs to account for mobile, other new factors

Proposed changes in FIPS 201 reflect changes in the technology and environment in which the federal PIV cards for government workers and contractors are used.