NIST Dedicates New National Cybersecurity Center of Excellence Lab
Willie E. May, Under Secretary of Commerce for Standards and Technology and NIST's director, noted that employees how have five times more lab space "for collaborative advanced information technology projects."
Numerous federal officials, including Maryland's two U.S. senators, attended the Feb. 9 dedication ceremony in Rockville, Md., for a new national laboratory facility for the National Cybersecurity Center of Excellence (NCCoE), which is a public-private partnership launched by the Commerce Department's National Institute of Standards and Technology in 2013. Willie E. May, Under Secretary of Commerce for Standards and Technology and NIST's director, noted that employees how have five times more lab space "for collaborative advanced information technology projects."
Commerce Secretary Penny Pritzker said economic security through strong cybersecurity "is national security" and "companies and their boardrooms are our country's front lines."
"I'm proud of how much the Center has accomplished in helping to fortify those lines in such a short time. Twenty-two formal industry partners have pledged to provide hardware, software, and/or expertise, and several of these (Intel, HP, Hytrust, RSA, Symantec, Splunk) have just renewed those commitments," May explained in an article about the new facility, adding that the New York Power Authority on Feb. 9 became the first utility to publicly pledge to adopt a new NCCoE-developed cybersecurity guide for identity and access management.
"NIST has been in the cybersecurity business in a big way for decades. But the NCCoE now adds a key missing element. It's a single collaborative space where government and industry can brainstorm and assemble off-the-shelf commercial products into practical solutions for today's toughest cybersecurity issues," he wrote. "Building-block solutions for a wide array of IT fields are already under way in access control, data integrity, smart card credentials, secured email, mobile device security, privacy-enhanced identity brokers, software management, and trusted geolocation. What we need urgently now are fresh examples, many more collaborators and use cases in key industry sectors—retail, automotive, health care, energy, financial services, transportation."
NIST also announced a new deadline, Feb. 23, for information on how the "Framework for Improving Critical Infrastructure Cybersecurity" is being used to improve cybersecurity risk management. The Framework, as directed by Executive Order 13636, "Improving Critical Infrastructure Cybersecurity," consists of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks. It was released Feb. 12, 2014. Information that is provided will assist in developing the agenda for a workshop on the Framework being planned by NIST for April 6-7, 2016, in Gaithersburg, Md.