nist information technology laboratory itl the cyber
play

NIST Information Technology Laboratory (ITL) The Cyber Maryland - PowerPoint PPT Presentation

Oct 04, 2022 •13 likes •93 views

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Security Automation Guidance Tower of Babel Documents Too much Alerts & Web Sites proprietary, Advisories incompatible information Costly

  1. NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase

  2. Security Automation Guidance • “Tower of Babel” Documents – Too much Alerts & Web Sites proprietary, Advisories incompatible information – Costly – Error prone – Difficult to scale • Inefficient – Resources spent on Assessment “security hygiene” Reporting Tools Tools • Vulnerability management • Configuration Management management Tools • Patch management 2

  3. Security Automation •Automation: Guidance Documents – Compliance Alerts & Management (PCI, Web Sites Advisories HIPAA, etc…) – Efficiency – Accuracy – Resources re-tasked to harder problems: • Incident response • Infrastructure enhancement Assessment Reporting Tools • Standardization: Tools – Same Object, Same Management Name Tools – Reporting 3

  4. National Vulnerability Database • NVD is the U.S. government repository of public vulnerability management information. • Provides standardized reference for software vulnerabilities. • Used by government, industry and academia • Spanish and Japanese language translations

  5. National Checklist Program U.S. Government repository of publicly available security checklists � Eases compliance management � Checklists cover 178 products � Checklist contributors include � Government organizations � Vendors � Non-profit organizations

  6. Partners • US Government – National Security Agency (NSA) – Department of Homeland Security (DHS) – Defense Information Systems Agency (DISA) • Foreign Government – Japan - JVN/IPA - Japan Vulnerability Notes / Information Technology Promotion Agency – Spain – INTECO - Instituto Nacional de Tecnologías de la Comunicación • Private Sector – Apple, Microsoft, Red Hat, Sun Microsystems – Security product vendors

  7. Product Validation Program http://nvd.nist.gov/scapproducts.cfm

  8. John Banghart Computer Security Division Information Technology Laboratory john.banghart@nist.gov 301-975-8514

Recommend

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Cryptography Sign

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Cryptography Sign

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Cryptography Sign Hash Accuracy O r i g i n Key Encrypt Challenges Processing delays Concealment I nformation overhead Key Key Management overhead

228 views • 7 slides
Opening Remarks Cybersecurity in Cyber-Physical Systems Workshop hosted by NIST Information

Opening Remarks Cybersecurity in Cyber-Physical Systems Workshop hosted by NIST Information

Opening Remarks Cybersecurity in Cyber-Physical Systems Workshop hosted by NIST Information Technology Laboratory April 23-24, 2012 George W. Arnold, Eng.Sc.D. Director, Smart Grid and Cyber-Physical Systems Program Office Engineering

534 views • 12 slides
IOT AND SMART CITIES Sokwoo Rhee Associate Director of Cyber-Physical Systems Program National

IOT AND SMART CITIES Sokwoo Rhee Associate Director of Cyber-Physical Systems Program National

NIST IOT AND SMART CITIES Sokwoo Rhee Associate Director of Cyber-Physical Systems Program National Institute of Standards and Technology (NIST) US Department of Commerce NIST Integrated, hybrid networks of cyber and engineered physical

361 views • 25 slides
Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity Framework (NIST CSF) A Business Case Agenda and Objectives The Digital Innovation Economy The Cyber Security Problem The Cyber Security Solution

260 views • 22 slides
SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security Training FISSEA Conference March 19, 2014 Pat Toth Penny Klein Computer Security Division Systegra Information Technology Laboratory NATIONAL

750 views • 40 slides
Toward Smart Healthcare Ram D. Sriram Chief, Software and Systems Division URL:

Toward Smart Healthcare Ram D. Sriram Chief, Software and Systems Division URL:

Toward Smart Healthcare Ram D. Sriram Chief, Software and Systems Division URL: http://www.nist.gov/itl/ssd/ sriram@nist.gov Information Technology Laboratory, National Institute of Standards and Technology Levels of Biological Information

115 views • 7 slides
Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13,

Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13,

Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13, 2020 Adaptive Security AGENDA Introductions Presidio Cyber Security Practice Overview Why are we here? Common District Cyber

814 views • 56 slides
the Apocalypse and IOT Tim Grance grance@nist.gov Computer Security Division Information

the Apocalypse and IOT Tim Grance grance@nist.gov Computer Security Division Information

Musings on the Four Horsemen of the Apocalypse and IOT Tim Grance grance@nist.gov Computer Security Division Information Technology Laboratory National Institute of Standards and Technology 2015 Agenda Four Horsemen of the Apocalypse,

534 views • 17 slides
NIST CRYPTOGRAPHIC CONFORMANCE TESTING UPDATE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

NIST CRYPTOGRAPHIC CONFORMANCE TESTING UPDATE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

NIST CRYPTOGRAPHIC CONFORMANCE TESTING UPDATE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY INFORMATION TECHNOLOGY LABORATORY COMPUTER SECURITY DIVISION SECURITY TESTING, VALIDATION, AND MEASUREMENT MICHAEL COOPER MANAGER STVM ISPAB June

767 views • 19 slides
IT ITD D Cy Cyber ber Secu curi rity ty The NIST Framework High Value for ITS Shannon

IT ITD D Cy Cyber ber Secu curi rity ty The NIST Framework High Value for ITS Shannon

IT ITD D Cy Cyber ber Secu curi rity ty The NIST Framework High Value for ITS Shannon Barnes, CIO Craig Schumacher, CISO Idaho Transportation Department September 2015 NIST Cybersecurity Framework National Institute of Standards

336 views • 11 slides
rpliA Implantable Medical Devices Cyber Risks and Mitigation Approaches NIST Cyber Physical

rpliA Implantable Medical Devices Cyber Risks and Mitigation Approaches NIST Cyber Physical

rpliA Implantable Medical Devices Cyber Risks and Mitigation Approaches NIST Cyber Physical Systems Workshop April 23-24, 2012 Dr. Sarbari Gupta, CISSP, CISA sarbari@electrosoft-inc.com; 703-437-9451 ext 12 Agenda Overview of IMDs

553 views • 28 slides
NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of Standards and Technology U.S. Department of Commerce 11 January 2010 Why Do We Need Smart Grids? Fundamental Drivers Smart Grid goals Reduce

711 views • 34 slides
An Introduction to Quantum Information by Carl J. Williams National Institute of Standards &

An Introduction to Quantum Information by Carl J. Williams National Institute of Standards &

1 NIST Quantum Information Program An Introduction to Quantum Information by Carl J. Williams National Institute of Standards & Technology http://qubit.nist.gov MCSD Seminar -- NIST March 23, 2004 Table of Contents I. What is Quantum

1.13k views • 77 slides
Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security Research Scientist Oak Ridge National Laboratory Main Points Information Sharing Enable discovering and sharing information about real threats to

216 views • 6 slides
Cyber Risk Insurance or loss of information from, IT systems and networks. 1. Do I need it? As

Cyber Risk Insurance or loss of information from, IT systems and networks. 1. Do I need it? As

Cyber insurance covers the losses relating to damage to, Cyber Risk Insurance or loss of information from, IT systems and networks. 1. Do I need it? As a business of any size, it is likely you will rely on information technology (IT)

253 views • 6 slides
Augmenting Presentation MathML for Search Bruce R. Miller 1 and Abdou Youssef 2 1 Information

Augmenting Presentation MathML for Search Bruce R. Miller 1 and Abdou Youssef 2 1 Information

Augmenting Presentation MathML for Search Bruce R. Miller 1 and Abdou Youssef 2 1 Information Technology Laboratory, National Institute of Standards and Technology, Gaithersburg, MD bruce.miller@nist.gov 2 Department of Computer Science, George

460 views • 7 slides
U.S. DEPARTMENT OF STATE JSAS Cyber Security IT Security Awareness training consistent with NIST

U.S. DEPARTMENT OF STATE JSAS Cyber Security IT Security Awareness training consistent with NIST

ISSLOB SSC CYBERSECURITY AWARENESS U.S. DEPARTMENT OF STATE JSAS Cyber Security IT Security Awareness training consistent with NIST SP 800-50 A proven, reliable solution that verifies retention of material and concepts A well

344 views • 17 slides
Security Challenges and Requirements for Industrial Control Systems in the Semiconductor

Security Challenges and Requirements for Industrial Control Systems in the Semiconductor

Security Challenges and Requirements for Industrial Control Systems in the Semiconductor Manufacturing Sector Malek Ben Salem Accenture Technology Labs NIST Workshop on Cyber-Security for Cyber-physical Devices April 23 rd , 2012 Outline

837 views • 37 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
Submarine Design Test & Evaluation: Challenging Cyber-Provenance & Cyber Sidecars

Submarine Design Test & Evaluation: Challenging Cyber-Provenance & Cyber Sidecars

Submarine Design Test & Evaluation: Challenging Cyber-Provenance & Cyber Sidecars Capability Systems Centre, School of Engineering and Information Technology Dr Keith Joiner, CSC Group Captain (Retd) Pictures courtesy Australian

339 views • 8 slides
Cyber Security Resources For County Government September 21, 2017 September 21, 2017 2 NIST

Cyber Security Resources For County Government September 21, 2017 September 21, 2017 2 NIST

Cyber Security Resources For County Government September 21, 2017 September 21, 2017 2 NIST Cybersecurity Framework September 21, 2017 3 Resources Available to NYS Counties Funding (State Homeland Security and UASI Grants) Free

231 views • 22 slides
NIST Air-Kerma Standard for Electronic Brachytherapy Calibrations Michael G. Mitch, Ph.D. Leader,

NIST Air-Kerma Standard for Electronic Brachytherapy Calibrations Michael G. Mitch, Ph.D. Leader,

NIST Air-Kerma Standard for Electronic Brachytherapy Calibrations Michael G. Mitch, Ph.D. Leader, Dosimetry Group Radiation Physics Division Physical Measurement Laboratory National Institute of Standards and Technology Disclaimers Certain

382 views • 36 slides
Cyber/Information Cyber/Information Security Cyber/Information Cyber/Information Security

Cyber/Information Cyber/Information Security Cyber/Information Cyber/Information Security

Cyber/Information Cyber/Information Security Cyber/Information Cyber/Information Security Security Insurance: Security Insurance: Insurance: Insurance: A Montana Perspective A Montana Perspective Presented by: d b Brett E. Dahl,

197 views • 8 slides
GPU Panel for Medicine at UMD Measurement Science Based on Full Coverage Microscopic

GPU Panel for Medicine at UMD Measurement Science Based on Full Coverage Microscopic

GPU Panel for Medicine at UMD Measurement Science Based on Full Coverage Microscopic Measurements Peter Bajcsy Information Technology Laboratory National Institute of Standards and Technology (NIST) Gaithersburg, MD, USA Measurement Problem

274 views • 6 slides

More recommend