Search CSRC

Presentations & Speakers at a Glance: Einstein 3a Reporting Tool. NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.  The Federal Computer Security Program Managers Forum (the "Forum") is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing of system security information among federal, state, and local...

Presentations & Speakers at a Glance: Controlled Unclassified Information: Executive Order 13556, Patrick Viscuso, NARA.  Cross Agency Priority Goals, John Banghart, NSS. NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.    The Federal Computer Security Program Managers Forum (the "Forum") is an informal group sponsored by the National Institute of Standards and...

“Partners in Performance:Shaping the Future of Cybersecurity Awareness, Education, and Training” March 18-20, 2014 NIST, Gaithersburg, Maryland Agenda - March 28, 2014 with Presentations Links Conference Program Webcasts - Day 1 (Dr. Ron Ross) and Day 3 (Ms. Linda Cureton and Mr. Ian Kelly) FISSEA 2014 Thank you for making it a huge success! FISSEA Educator of the Year – Sam Maroon, FITSI Foundation / Wounded Warrior Cyber Combat Academy Nomination letters FISSEA 2014 Security Contest Winners Winners Announced at March 2014 Conference (selected by judges): Poster...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Personal Identity Verification (PIV) Credentials for Mobile Devices  Hildegard, Ferraiolo, NIST The Next Generation (SP 800-73-4) PIV Card and the Purpose of the Pairing Code in the Wireless Environment  David Cooper, NIST Big Data and Privacy  Marjory S. Blumenthal, Executive Director, President’s Council of Advisors on Science and Technology, Office of Science and Technology Policy FISMA FY13 Report  Trevor Rudolph, OMB US CERT  Ann Barron-DiCamillo, Director, United States Computer Emergency...

(All presentations in .pdf format.) Federal Register NoticAnnouncing Meeting Minutes Updates on FedRAMP Sarbari Gupta, President & CEO, Electrosoft, Cybersecurity-Focused Strategy Quantum World and how NIST is preparing for future crypto Dustin Moody, Computer Scientist, Computer Security Division, NIST Andrew Regenscheid, Computer Scientist, Computer Security Division, NIST If you have any questions or need information please e-mail Annie Sokol .

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes October 22: FedRAMP Updates  Matt Goodrich, Acting Director, FedRAMP, Federal Cloud Computing Initiatives, GSA Mobile Devices and Protection of Sensitive Information: (IAD Mobility)  Troy Lange, Chief, Systems & Technologies Analysis, NSA Mobile Devices and Protection of Sensitive Information: (DoD’s Strategic Mobility Vision: Needs & Challenges)  Gregory F. Youst, DISA Chief Mobility Engineer, CTO Privacy Engineering for Cloud and Geolocation and Data Governance  Thomas Finneran, Principal Consultant...

Privacy is a challenging subject that spans a number of domains, including law, policy and technology. Notwithstanding numerous sets of principles, including the foundational Fair Information Practice Principles (FIPPs), that seek to address the handling of individuals' personal information, many concerns exist about the future of privacy in the face of rapidly evolving technologies. Process-oriented principles are an important component of an overall privacy framework, but on their own, they do not achieve consistent and measurable results in privacy protection. In the security field, risk...

Privacy is a challenging subject that spans a number of domains, including law, policy and technology. Notwithstanding numerous sets of principles, including the foundational Fair Information Practice Principles (FIPPs), that seek to address the handling of individuals' personal information, many concerns exist about the future of privacy in the face of rapidly evolving technologies. Process-oriented principles (such as FIPPs) are an important component of an overall privacy framework, but on their own they have not achieved consistent and measurable results in privacy protection. In the...

The goal of the workshop was to engage the cryptographic community to help NIST get a better understanding of SHA-3 and its possible applications, with particular focus on additional modes of operation for SHA-3 that might be worth standardizing in the future. Call for Papers Workshop Program Papers (zip file) Presentations (zip file)

The 2015 Cybersecurity Innovation Forum is a three-day event hosted by the National Institute of Standards and Technology, with participation from the National Security Agency, and the Department of Homeland Security. This event brings government and industry together to focus on current, emerging, and future challenges, technologies, projects, solutions, and research in trusted computing, security automation, and information sharing. The technical program covers four tracks: Trusted Computing Security Automation Cyber Information Sharing Research Tracks include lectures, panel...

Full Details (Agenda, Case Studies & Workshop Briefings) On October 1-2, 2015, NIST will host a workshop to share information on Best Practices in Cyber Supply Chain Risk Management, which will provide insights on: State of practice in several industry sectors; Currently used tools, standards, and best practices; How to establish a business case for integrating cyber supply chain risk management into organization's overall risk management processes; How to communicate cyber supply chain concerns to executive leadership; Synergies between quality, continuity, cybersecurity and other...

Direct Digital Manufacturing (DDM) involves fabricating physical objects from a data file using computer-controlled processes with little to no human intervention. It includes Additive Manufacturing (AM), 3D printing, rapid prototyping, etcetera. The technology is advancing rapidly and has the potential to significantly change traditional manufacturing and supply chain industries, including for information and communication technologies (ICT). On February 3, 2015, the National Institute of Standards and Technology (NIST) Information Technology Laboratory (ITL) Computer Security Division will...

Recent, well-publicized cybersecurity incidents within the retail space has impacted the industry—weakening consumer confidence, eroding privacy, and damaging businesses’ brand and reputation. As the holiday season approaches, increasing cybersecurity at the point of sale and for payment technologies has become a critical priority for consumer-facing businesses. Join us for a lively discussion on the trends and challenges to improving cybersecurity in the retail industry. Registration is free and required.  Details Time: 10:30 am - Noon Agenda and Speakers: 10:45 am - 11:15 am: Troy...

Presentations & Speakers at a Glance: Overview of SP 800-88, Revision 1, Guidelines for Media Sanitization, Andy Regenscheid, NIST. NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.  The Federal Computer Security Program Managers Forum (the "Forum") is an informal group sponsored by the National Institute of Standards and Technology (NIST) to promote the sharing...

Presentations & Speakers at a Glance: Keynotes by OMB and Dr. Ron Ross, NIST; Updates from GAO; Presentations by FAA, NASA, Department of Transportation, NARA, DHS, Census, and NIST.  For more information, see the full Program. NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.    The Federal Computer Security Program Managers Forum (the "Forum") is an informal...

Presentations & Speakers at a Glance: Implementing the Privacy Controls from NIST SP 800-53 Rev 4, Appendix J Operationally Within DHS, Debra Danisek & Jeff Gallucci, DHS; U.S. Government Configuration Baseline, NIST.  NOTE:  FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES, HIGHER EDUCATION EMPLOYEES, AND THEIR DESIGNATED SUPPORT CONTRACTORS.  REGISTRANTS MUST USE A .GOV, .EDU, OR .MIL ADDRESS FOR SIGN-UP.  SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.  The Federal Computer Security Program Managers Forum (the "Forum") is an informal group...

FIPS 201-2 Supporting Special Publications Workshop

28th Annual Conference, March 24-25, 2015 Agenda with Presentation Links - Posted April 2, 2015 "Changes, Challenges, and Collaborations: Effective Cybersecurity Training" Conference Program FISSEA Educator of the Year - Posthumously Shon Harris, Logical Security. Accepting the award were Michael Lester and Hamid Dehghan with Sam Maroon.  Nomination Letters FISSEA Security Awareness, Training, and Education Contest 2015 (view submissions) Awarded Certificates at Conference (selected by impartial judging committee prior to conference): Poster...

NIST and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR) are pleased to co-host the 8th annual conference, Safeguarding Health Information: Building Assurance through HIPAA Security, on September 2-3, 2015 at the Grand Hyatt, Washington, D.C. The conference will explore the current health information technology security landscape and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This event will highlight the present state of health information security, and practical strategies, tips and techniques for implementing the HIPAA...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Agenda (Final) Minutes   FAA Unmanned Aircraft Systems Update Stephen George, FAA Presentation on Breaches and Breach Reporting William Wright, Symantec Corporation Updates on Privacy Engineering Whitepaper Naomi Lefkovitz, Senior Privacy Policy Advisor, ITL, NIST Sean Brooks, Privacy Engineer, ITL, NIST Updates on NIST Cryptographic Standards Program Matt Scholl, ITL, NIST Andrew Regenscheid, ITL, NIST   If you have any questions or need information please e-mail Annie Sokol .

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes   Wednesday, June 10 Information Technology Laboratory (ITL) Realignment and Proposed Applied Cybersecurity Division  Donna Dodson, NIST National Initiative for Cybersecurity Education (NICE) Updates Rodney Petersen, Lead NICE, NIST IG Reporting on FISMA  Gale Stone, (Moderator), SSA  Dr. Brett M. Baker, National Science Foundation  Peter J. Sheridan, Federal Reserve Board Vehicle Infrastructure (Auto-manufacturer Communication and Usability): Discussion on Data Security and Privacy  Andrew...

(All presentations in .pdf format.) Federal Register Notice Announcing Meeting Minutes Wednesday, October 21 NIST and NSA Future Plans for Quantum Resistant Cryptography  Vincent M. Boyle, NSA  Lily Chen, Computer Security Division, NIST  Adrian Stanger, NSA Federal Government Cybersecurity: The 30-day Cybersecurity Sprint and the Marathon to Come  Chris DeRusha, Office of Management and Budget (OMB) Presentation from National Highway Traffic Safety Administration (NHTSA) Cem Hatipoglu, National Highway Traffic Safety Administration (NHTSA) Discussion on Due Diligence on Cybersecurity,...

NIST hosted the first Lightweight Cryptography Workshop on July 20-21, 2015.  There are several emerging areas in which highly constrained devices are interconnected, typically communicating wirelessly with one another, working in concert to accomplish some task. Examples of these areas include: sensor networks, healthcare, distributed control systems, the Internet of Things, cyber-physical systems, and the smart grid. Security and privacy can be very important in all of these areas. Because the majority of modern cryptographic algorithms were designed for desktop/server environments, many of...

Three tracks are being designed to enable attendees to gain the maximum benefit from the NICE 2015 Conference: Track 1: Accelerate Learning and Skills Development - Invoke a sense of urgency in both the public and private sectors to address the shortage of a skilled cybersecurity workforce. Stimulate approaches and techniques that can more rapidly increase the supply of qualified cybersecurity workers Reduce the time and cost for obtaining knowledge, skills, and abilities for in demand work roles Influence employers to shape job descriptions to reflect knowledge, skills, and abilities...

Full Workshop Details The advent of practical quantum computing will break all commonly used public key cryptographic algorithms. In response, NIST is researching cryptographic algorithms for public key-based key agreement and digital signatures that are not susceptible to cryptanalysis by quantum algorithms. NIST is holding this workshop to engage academic, industry, and government stakeholders. The Post Quantum Workshop will be held on April 2-3, 2015, immediately following the 2015 International Conference on Practice and Theory of Public-Key Cryptography. NIST seeks to discuss issues...