nist information technology laboratory itl the cyber
play

NIST Information Technology Laboratory (ITL) The Cyber Maryland - PowerPoint PPT Presentation

Oct 04, 2022 •13 likes •93 views

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Security Automation Guidance Tower of Babel Documents Too much Alerts & Web Sites proprietary, Advisories incompatible information Costly

  1. NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase

  2. Security Automation Guidance • “Tower of Babel” Documents – Too much Alerts & Web Sites proprietary, Advisories incompatible information – Costly – Error prone – Difficult to scale • Inefficient – Resources spent on Assessment “security hygiene” Reporting Tools Tools • Vulnerability management • Configuration Management management Tools • Patch management 2

  3. Security Automation •Automation: Guidance Documents – Compliance Alerts & Management (PCI, Web Sites Advisories HIPAA, etc…) – Efficiency – Accuracy – Resources re-tasked to harder problems: • Incident response • Infrastructure enhancement Assessment Reporting Tools • Standardization: Tools – Same Object, Same Management Name Tools – Reporting 3

  4. National Vulnerability Database • NVD is the U.S. government repository of public vulnerability management information. • Provides standardized reference for software vulnerabilities. • Used by government, industry and academia • Spanish and Japanese language translations

  5. National Checklist Program U.S. Government repository of publicly available security checklists � Eases compliance management � Checklists cover 178 products � Checklist contributors include � Government organizations � Vendors � Non-profit organizations

  6. Partners • US Government – National Security Agency (NSA) – Department of Homeland Security (DHS) – Defense Information Systems Agency (DISA) • Foreign Government – Japan - JVN/IPA - Japan Vulnerability Notes / Information Technology Promotion Agency – Spain – INTECO - Instituto Nacional de Tecnologías de la Comunicación • Private Sector – Apple, Microsoft, Red Hat, Sun Microsystems – Security product vendors

  7. Product Validation Program http://nvd.nist.gov/scapproducts.cfm

  8. John Banghart Computer Security Division Information Technology Laboratory john.banghart@nist.gov 301-975-8514

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Cryptography Sign

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Cryptography Sign

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Cryptography Sign Hash Accuracy O r i g i n Key Encrypt Challenges Processing delays Concealment I nformation overhead Key Key Management overhead

228 views • 7 slides
Opening Remarks Cybersecurity in Cyber-Physical Systems Workshop hosted by NIST Information

Opening Remarks Cybersecurity in Cyber-Physical Systems Workshop hosted by NIST Information

Opening Remarks Cybersecurity in Cyber-Physical Systems Workshop hosted by NIST Information Technology Laboratory April 23-24, 2012 George W. Arnold, Eng.Sc.D. Director, Smart Grid and Cyber-Physical Systems Program Office Engineering

534 views • 12 slides
IOT AND SMART CITIES Sokwoo Rhee Associate Director of Cyber-Physical Systems Program National

IOT AND SMART CITIES Sokwoo Rhee Associate Director of Cyber-Physical Systems Program National

NIST IOT AND SMART CITIES Sokwoo Rhee Associate Director of Cyber-Physical Systems Program National Institute of Standards and Technology (NIST) US Department of Commerce NIST Integrated, hybrid networks of cyber and engineered physical

361 views • 25 slides
Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity Framework (NIST CSF) A Business Case Agenda and Objectives The Digital Innovation Economy The Cyber Security Problem The Cyber Security Solution

260 views • 22 slides
SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security Training FISSEA Conference March 19, 2014 Pat Toth Penny Klein Computer Security Division Systegra Information Technology Laboratory NATIONAL

750 views • 40 slides
Toward Smart Healthcare Ram D. Sriram Chief, Software and Systems Division URL:

Toward Smart Healthcare Ram D. Sriram Chief, Software and Systems Division URL:

Toward Smart Healthcare Ram D. Sriram Chief, Software and Systems Division URL: http://www.nist.gov/itl/ssd/ sriram@nist.gov Information Technology Laboratory, National Institute of Standards and Technology Levels of Biological Information

115 views • 7 slides
Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13,

Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13,

Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13, 2020 Adaptive Security AGENDA Introductions Presidio Cyber Security Practice Overview Why are we here? Common District Cyber

814 views • 56 slides
the Apocalypse and IOT Tim Grance grance@nist.gov Computer Security Division Information

the Apocalypse and IOT Tim Grance grance@nist.gov Computer Security Division Information

Musings on the Four Horsemen of the Apocalypse and IOT Tim Grance grance@nist.gov Computer Security Division Information Technology Laboratory National Institute of Standards and Technology 2015 Agenda Four Horsemen of the Apocalypse,

534 views • 17 slides
NIST CRYPTOGRAPHIC CONFORMANCE TESTING UPDATE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

NIST CRYPTOGRAPHIC CONFORMANCE TESTING UPDATE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

NIST CRYPTOGRAPHIC CONFORMANCE TESTING UPDATE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY INFORMATION TECHNOLOGY LABORATORY COMPUTER SECURITY DIVISION SECURITY TESTING, VALIDATION, AND MEASUREMENT MICHAEL COOPER MANAGER STVM ISPAB June

767 views • 19 slides
IT ITD D Cy Cyber ber Secu curi rity ty The NIST Framework High Value for ITS Shannon

IT ITD D Cy Cyber ber Secu curi rity ty The NIST Framework High Value for ITS Shannon

IT ITD D Cy Cyber ber Secu curi rity ty The NIST Framework High Value for ITS Shannon Barnes, CIO Craig Schumacher, CISO Idaho Transportation Department September 2015 NIST Cybersecurity Framework National Institute of Standards

336 views • 11 slides
rpliA Implantable Medical Devices Cyber Risks and Mitigation Approaches NIST Cyber Physical

rpliA Implantable Medical Devices Cyber Risks and Mitigation Approaches NIST Cyber Physical

rpliA Implantable Medical Devices Cyber Risks and Mitigation Approaches NIST Cyber Physical Systems Workshop April 23-24, 2012 Dr. Sarbari Gupta, CISSP, CISA sarbari@electrosoft-inc.com; 703-437-9451 ext 12 Agenda Overview of IMDs

553 views • 28 slides
NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of Standards and Technology U.S. Department of Commerce 11 January 2010 Why Do We Need Smart Grids? Fundamental Drivers Smart Grid goals Reduce

711 views • 34 slides
An Introduction to Quantum Information by Carl J. Williams National Institute of Standards &

An Introduction to Quantum Information by Carl J. Williams National Institute of Standards &

1 NIST Quantum Information Program An Introduction to Quantum Information by Carl J. Williams National Institute of Standards & Technology http://qubit.nist.gov MCSD Seminar -- NIST March 23, 2004 Table of Contents I. What is Quantum

1.13k views • 77 slides
Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security Research Scientist Oak Ridge National Laboratory Main Points Information Sharing Enable discovering and sharing information about real threats to

216 views • 6 slides
Cyber Risk Insurance or loss of information from, IT systems and networks. 1. Do I need it? As

Cyber Risk Insurance or loss of information from, IT systems and networks. 1. Do I need it? As

Cyber insurance covers the losses relating to damage to, Cyber Risk Insurance or loss of information from, IT systems and networks. 1. Do I need it? As a business of any size, it is likely you will rely on information technology (IT)

253 views • 6 slides
Augmenting Presentation MathML for Search Bruce R. Miller 1 and Abdou Youssef 2 1 Information

Augmenting Presentation MathML for Search Bruce R. Miller 1 and Abdou Youssef 2 1 Information

Augmenting Presentation MathML for Search Bruce R. Miller 1 and Abdou Youssef 2 1 Information Technology Laboratory, National Institute of Standards and Technology, Gaithersburg, MD bruce.miller@nist.gov 2 Department of Computer Science, George

460 views • 7 slides
Paddy Pow er Betfair plc 2017 Interim Results Financial & Operating Review 3 Financial

Paddy Pow er Betfair plc 2017 Interim Results Financial & Operating Review 3 Financial

Paddy Pow er Betfair plc 2017 Interim Results Financial & Operating Review 3 Financial highlights Proforma 1 3% revenue growth in CC (Q1 +15%, Q2 -6%): YOY OY % % m H1 2 2017 17 H1 2 2016 016 YOY OY % % CC CC 2 Q2

630 views • 27 slides
Effect of chronic heavy smoking on ankle fracture healing Waseem Jerjes , Hiang Boon Tan, Peter

Effect of chronic heavy smoking on ankle fracture healing Waseem Jerjes , Hiang Boon Tan, Peter

Effect of chronic heavy smoking on ankle fracture healing Waseem Jerjes , Hiang Boon Tan, Peter Giannoudis Academic Unit of Trauma and Orthopaedic Surgery, School of Medicine, University of Leeds Cigarette smoking and bone Osteomyelitis and

484 views • 14 slides
Customer Handoff and Final Project Documentation Review: 18043 Richard Price, Danielle Polniak,

Customer Handoff and Final Project Documentation Review: 18043 Richard Price, Danielle Polniak,

Customer Handoff and Final Project Documentation Review: 18043 Richard Price, Danielle Polniak, Elizabeth Eichorn, Saidhon Orifov, Lucas Fitzgerald Agenda Final Demo Testing Results from Tests with ET Patient Testing Results from

369 views • 12 slides
Studying Biology & Wildlife at Salford Dr Jamie Gundry Teaching Fellow, Biology &

Studying Biology & Wildlife at Salford Dr Jamie Gundry Teaching Fellow, Biology &

Studying Biology & Wildlife at Salford Dr Jamie Gundry Teaching Fellow, Biology & Wildlife 2 Hoverfly Flight Remarkable flight control: maybe the most aerobatically gifted flying animals that have ever lived. 3 High Speed Digital

266 views • 7 slides
Disaster Management : Bangladesh Perspective Floods Asia and Pacific is the world s most

Disaster Management : Bangladesh Perspective Floods Asia and Pacific is the world s most

Disaster Management : Bangladesh Perspective Floods Asia and Pacific is the world s most disaster- prone region A person living in the region is 4 times riskier than those in Africa and 25 times than in Europe or North America. Context

574 views • 31 slides
Lower Don Trail Master Plan Refresh Public Open House_September 17 2019 1 Lower Don Trail

Lower Don Trail Master Plan Refresh Public Open House_September 17 2019 1 Lower Don Trail

Lower Don Trail Master Plan Refresh Public Open House_September 17 2019 1 Lower Don Trail Master Plan Refresh 2018-ongoing Partnership between City of Toronto and Evergreen Corktown Common to the Forks of East and West Don 8.1 kilometres

1.06k views • 82 slides
Small Wins Panel Presentation The Essence of Continuous Improvement 16 th LCI Congress | San

Small Wins Panel Presentation The Essence of Continuous Improvement 16 th LCI Congress | San

Small Wins Panel Presentation The Essence of Continuous Improvement 16 th LCI Congress | San Francisco, CA | October 7-10, 2014 Panel Presentation Agenda Introduction to Panel Presenters (5 min) Just Get off the Escalator! (3 min)

507 views • 30 slides
Riverside Drive/Hamner Avenue Proposed Development The project site is located at the southwest

Riverside Drive/Hamner Avenue Proposed Development The project site is located at the southwest

Riverside Drive/Hamner Avenue Proposed Development The project site is located at the southwest corner of Riverside Drive and Hamner Avenue. The project entitlements include the following applications: 1) General Plan Amendment 2)

116 views • 11 slides

More recommend