Guest blog post by Donna Dodson, Chief, Computer Security Division and Acting Director, National Cybersecurity Center of Excellence, National Institute of Standards and Technology
This week, Commerce's National Institute of Standards and Technology (NIST) hosted a workshop to kick off the National Cybersecurity Center of Excellence (NCCoE), a new public-private collaboration that will bring together experts from industry, government and academia to design, implement, test and demonstrate integrated cybersecurity solutions and promote their widespread adoption.
IT is central to financial, communications, healthcare and physical infrastructures and even entertainment systems. It is also under constant attack by cybercriminals looking to steal business data, personal information and devices, or disrupt private and government business with malicious code, denial of service and Web-based attacks.
We were excited to bring together representatives from various industry sectors (health, utility, financial, and more), along with those from government agencies, academia and other organizations to learn how the center will operate and how the public can participate. In the photo here, NIST’s Curt Barker, Karen Waltermire, and Henry Wixon are seen explaining how interested parties can get involved.
The NCCoE will provide a state-of-the-art computing facility where researchers from NIST can work collaboratively with both the users and vendors of products and services on holistic cybersecurity approaches. NIST is hosting the center in collaboration with the state of Maryland and Montgomery County, Md.
By providing a test bed where new ideas and technologies can be tried out before being deployed, the center provides the opportunity to thoroughly document and share each solution, supporting specific industry sector business challenges. This will encourage the rapid adoption of comprehensive cybersecurity templates and approaches that support automated and trustworthy e-government and e-commerce.Our goals are to:
- enhance trust in U.S. IT communications, data, and storage systems;
- lower risk for companies and individuals using IT systems;
- encourage development of innovative, job-creating cybersecurity products and services.
The center’s work will be pursued through public-private sector teams organized around “use cases.” Team members will work together to identify objectives and create opportunities for collaborative leadership among technology and business communities.
Our first use case will be centered on health IT. To tell us about the importance and challenges securing electronic health information, the workshop’s speakers included two representatives from the U.S. Department of Health and Human Services, Leon Rodriguez, Director, Office of Civil Rights, and Joy Pritts, Chief Privacy Officer, Office of the Coordinator for Health Information Technology. NIST has been working closely with both of their offices over the last few years to promote the development of stronger safeguards for protecting health information and to increase adoption of secure and interoperable IT.
Future use cases will be selected and refined through workshops and input from broad groups of stakeholders, as well as public feedback. Applicable standards and guidelines will be identified and interested IT vendors involved through open calls for participation.
This first workshop was a great first step in getting the NCCoE up and running. We welcome communities with cybersecurity business challenges to contact us via our website where you’ll soon be able to see presentations and video from our June 26 workshop and join the conversation on our wiki.