On Oct. 29, 1969, the first electronic message was sent on ARPANET, the precursor to today’s Internet. Despite crashing the system, that message is the reason today is designated International Internet Day. To mark the day, and the approaching end of Cybersecurity Awareness Month, Charles Romine, Director of the Information Technology Laboratory at the National Institute of Standards and Technology, has summarized NIST’s work on improving the security of the Internet and IT systems.
NIST has been conducting cybersecurity research for as long as there has been a cyberspace to secure. NIST issues the Federal Information Processing Standards that help to protect the federal government’s information systems and help agencies comply with the Federal Information Security Management Act. These standards and guidelines are often used by the private sector and state and local governments, and therefore have a broad impact on IT systems across the country and around the world.
Through the National Cybersecurity Center of Excellence (NCCoE), which was established in collaboration with the State of Maryland and Montgomery County, Md., we have been working directly with the private sector since 2012. The center’s goal is to accelerate the adoption of secure technologies through public-private collaborations that identify and address today’s most pressing cybersecurity challenges. We recently awarded a contract to establish the first Federally Funded Research and Development Center devoted to cybersecurity to support the NCCoE, providing needed flexibility in staffing and bringing in partners from industry and academia.
The National Strategy for Trusted Identities in Cyberspace (NSTIC) recently awarded three new grants for pilot projects that could lead to better ways of proving our identities online and protecting our personal information. The industry-led Identity Ecosystem Steering Group, which was launched by NSTIC in 2012, is supporting the development of standards that will foster a marketplace of improved authentication options for making secure purchases, banking or interacting with government agencies online.
NIST is hosting the 6th Cybersecurity Framework Workshop Oct. 29 and 30, in Tampa, Fla. The yearlong effort to create the Framework to Improve Critical Infrastructure Cybersecurity in response to an Executive Order from President Obama was really just the beginning. The framework is a living document that will need the continued involvement of industry to keep it useful as a tool for creating or improving organizational cybersecurity risk management.
NIST also has partnered with other federal agencies for the National Initiative for Cybersecurity Education, or NICE. The 2014 NICE Workshop will be Nov. 5-6, in Columbia, Md., and focuses on developing a future workforce of the cybersecurity savvy.
Through these and other programs, NIST has many ways that private industry, academia and other agencies can work toward better cybersecurity. Please join us in making the online environment safer.