Syndicate content

Blog Category: Cybersecurity

NIST Kicks Off New National Cybersecurity Center of Excellence

Submitted on June 29, 2012 - 11:00am
Categories:
NIST’s Curt Barker, Karen Waltermire, and Henry Wixon are seen explaining how interested parties can get involved

Guest blog post by Donna Dodson, Chief, Computer Security Division and Acting Director, National Cybersecurity Center of Excellence, National Institute of Standards and Technology

This week, Commerce's National Institute of Standards and Technology (NIST) hosted a workshop to kick off the National Cybersecurity Center of Excellence (NCCoE), a new public-private collaboration that will bring together experts from industry, government and academia to design, implement, test and demonstrate integrated cybersecurity solutions and promote their widespread adoption.

IT is central to financial, communications, healthcare and physical infrastructures and even entertainment systems. It is also under constant attack by cybercriminals looking to steal business data, personal information and devices, or disrupt private and government business with malicious code, denial of service and Web-based attacks.

We were excited to bring together representatives from various industry sectors (health, utility, financial, and more), along with those from government agencies, academia and other organizations to learn how the center will operate and how the public can participate. In the photo here, NIST’s Curt Barker, Karen Waltermire, and Henry Wixon are seen explaining how interested parties can get involved.

The NCCoE will provide a state-of-the-art computing facility where researchers from NIST can work collaboratively with both the users and vendors of products and services on holistic cybersecurity approaches. NIST is hosting the center in collaboration with the state of Maryland and Montgomery County, Md.

By providing a test bed where new ideas and technologies can be tried out before being deployed, the center provides the opportunity to thoroughly document and share each solution, supporting specific industry sector business challenges. This will encourage the rapid adoption of comprehensive cybersecurity templates and approaches that support automated and trustworthy e-government and e-commerce.

read more
  • Share

National Consumer Protection Week: Spotlight on Privacy

Submitted on March 5, 2012 - 5:00pm
Categories:

Today, President Obama declared March 4-10, 2012 as National Consumer Protection Week, building on a coordinated effort that encourages consumers nationwide to take full advantage of their consumer rights and make better-informed decisions. The Commerce Department is using this occasion to showcase the efforts of our Internet Policy Task Force, which is leveraging the expertise of several Commerce bureaus that are aimed at ensuring continued innovation in the Internet economy and preserving consumer trust in Internet commerce and online interactions. In particular, the Task Force continues to move forward in our work to promote new efforts that will lead to improved Internet privacy protection and better security for consumers online.

 In February, the Obama administration unveiled a “Consumer Privacy Bill of Rights” as part of a comprehensive blueprint to improve consumers’ privacy protections and ensure that the Internet remains an engine for innovation and economic growth. The president’s report called on the Commerce Department’s NTIA to begin convening companies, privacy advocates and other stakeholders to develop and implement enforceable privacy policies based on the Consumer Privacy Bill of Rights.

NTIA is now moving forward and seeking public input on what issues should be addressed through the privacy multistakeholder process and how to structure these discussions so they are open, transparent, and most productive. Today, NTIA issued a formal request for comment (PDF). The comment period will remain open until March 26, 2012.

As NTIA Administrator Lawrence Strickling illustrated last week, we hope to receive meaningful suggestions and input from a range privacy stakeholders.  Their continued involvement will be key for the future of consumer protection and we need your help to make it a success.

The report, “Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy,” (PDF) resulted from a comprehensive review of Internet privacy policy and innovation in the Internet economy lead by the Commerce Department’s Internet Policy Task Force.

  • Share

Maryland Governor O'Malley Urges Investment in Cybersecurity Education

Submitted on September 21, 2011 - 10:45am
Categories:
Gov. Martin O'Malley on podium

Maryland Governor Martin O'Malley addressed several hundred educators,  IT experts, and others at the National Institute of Standards and Technology (NIST) yesterday as part of a workshop hosted by the National Initiative for Cybersecurity Education (NICE), a national campaign coordinated by NIST.

Calling cybersecurity an "urgent priority," O'Malley emphasized the need for government and the private sector to work together to "invest in the skills of our people" and create new jobs in the cyber field. In part, he said job creation will depend on “how quickly we move good ideas from labs to the commercial sector.”

O’Malley described a state-wide cybersecurity initiative begun three years ago that includes partnerships with Maryland-based federal labs such as NIST and the National Security Agency, enhanced technology transfer efforts, and expansion of the cybersecurity career pipeline. He also discussed several programs that the state of Maryland has implemented in Science, Technology, Engineering and Mathematics (STEM), education at the college level and in career and technical education at the high school level to improve education in cybersecurity.

He noted that "a modern economy requires modern investment," and "the single most important investment is the investment in public education."

  • Share

Commerce Emphasizing Innovation and Efficiency in IT Security Operations

Submitted on September 8, 2011 - 3:00pm
Categories:
Simon Szyman at pdoium

Guest blog post by Simon Szykman, Chief Information Officer, U.S. Department of Commerce

You missed it! The Department of Commerce's Office of the Chief Information Officer (OCIO) hosted its inaugural Innovating Security Conference to increase knowledge and awareness of various initiatives, exchange information and ideas, and engage in discussions on ways to further protect and strengthen the security posture of the department’s information systems. Facing security threats that are evolving and growing in sophistication, while at the same time anticipating a constrained outlook for the future due to budget pressures, it is imperative for organizations across the department to pursue improvements in both efficiency and effectiveness by examining operations, collaborating on common objectives, improving information sharing, and identifying opportunities to leverage one another’s independent activities.

The two-day conference is one means of moving toward a higher level of efficiency and effectiveness by emphasizing internal collaborations and open dialogue. The conference included participation and invited speakers from Commerce, as well as from other federal agencies and the private sector, in order to leverage their best practices, lessons learned and knowledge in areas related to information system security. In addition to keynote and panel sessions, service offerings of Commerce internal service providers as well as industry vendors were highlighted during the event.

read more
  • Share

Protecting Our Electronic Main Street

Submitted on June 8, 2011 - 12:15pm
Categories:
Cybersecurity and the Electronic Main Street

Guest blog post by Ari Schwartz, Internet Policy Adviser at the National Institute of Standards and Technology, and member of the Internet Policy Task Force at the Department of Commerce.

As we all know, the Internet has led to incredible commercial growth and an unprecedented means for self-expression and innovation.  Some industry analysts now estimate that the Internet now carries some $10 trillion in online transactions annually.

However, each time a new technology dramatically expands the boundaries of commerce, there are dishonest, dangerous people who try to disrupt and exploit the new pathways for their own gain. Therefore, it should come as no surprise that as the Web, e-mail, and e-commerce have become the electronic version of Main Street, hackers, spammers, and cybercriminals have emerged as major threats to its welfare. An estimated 67,000 new malicious viruses, worms, spyware and other threats are released every day. 

To paraphrase Willy Sutton: It’s where the money. . . and the information is.

A new Commerce Department report issued today calls for a public-private partnership and voluntary codes of conduct to help strengthen the cybersecurity of companies that increasingly rely on the Internet to do business, but are not part of the critical infrastructure sector as defined by the administration’s recent cybersecurity legislative proposal.  Issued by the department’s Internet Policy Task Force, the report targets what it calls the Internet and Information Innovation Sector or the I3S.  These are businesses that range from Mom and Pop manufacturers or startups that sell most of their products and services online to social networking sites like Facebook and Twitter to cloud computing firms that provide anytime, anywhere access to applications and personal or public data.

read more

National Identity Strategy Envisions a More Trustworthy Internet

Submitted on April 15, 2011 - 11:45am
Categories:
Leslie Harris, President and CEO of CDT, testifying before the House Subcommittee on Commerce, Trade, and Consumer Protection on the need for a baseline consumer privacy bill.

Guest blog post by Leslie Harris, President and CEO of the Center for Democracy & Technology.

Today the Administration released an ambitious, long-term strategy document called the National Strategy for Trusted Identities in Cyberspace (NSTIC). The Strategy puts forth a vision where individuals can choose to use a smaller number of secure, privacy-preserving, and convenient online identities. This would be a shift away from today’s norm of numerous usernames, passwords, and online accounts scattered across the Web.

Importantly, the Administration has turned to the private sector to make this vision a reality. The Strategy is not a national ID program—in fact, it’s not an ID “program” at all. It is a call for leadership and innovation from private companies. The government’s role must now be to advocate for its citizens and to support the development of a fair and useful system.

Why should the American people care about a “strategy” for Internet identity?

First, a growing number of our Internet transactions require an identity. We’re continually prompted to create new accounts to participate in online social networking, shopping, banking, and forums. Most of us have no idea how our identifying information will be used or shared. It certainly doesn’t help that we have to offer a fresh set of information to every new service that comes along. Without a new approach, this trend will continue. We deserve better control over our identity and stronger assurances that it will not be misused. Innovation isn’t slowing down; we have to catch up.

read more

Administration Launches National Strategy for Trusted Identities in Cyberspace

Submitted on April 15, 2011 - 10:00am
Categories:
Panelists (Photo: Peter Cutts Photography)

U.S. Commerce Secretary Gary Locke was joined today at by Chair of the National Economic Council Gene Sperling and White House Cybersecurity Coordinator Howard A. Schmidt to release the administration’s National Strategy for Trusted Identities in Cyberspace (NSTIC) – a White House initiative to improve online security, increase privacy and foster economic growth and innovation online. Hosted by the U.S. Chamber of Commerce, the event included a panel discussion with industry leaders and privacy advocates, as well as demonstrations of innovative smart technologies being developed to improve online authentication. 

NSTIC is a key building block in the national effort to secure cyberspace. According to industry surveys, as many as eight million Americans are victims of online fraud and identity theft each year and lose an average of $631 out-of-pocket per incident. Through a private sector-led effort facilitated by the government, NSTIC aims to make online transactions more trustworthy and enhance consumers’ privacy, thereby giving businesses and consumers more confidence to conduct business online.  The webcast will be available on-demand at a later date.  |  White House press release and fact sheet

Secretary Locke, White House Cybersecurity Coordinator Howard Schmidt to Discuss Next Steps in Cybersecurity

Submitted on January 7, 2011 - 11:00am
Categories:

U.S. Commerce Secretary Gary Locke and White House Cybersecurity Coordinator Howard A. Schmidt are in Stanford, Calif., today at the Stanford Institute for Economic Policy Research to discuss the Obama administration’s efforts to enhance online security and privacy and next steps in meeting the challenges of a growing cyber world, with local industry and academic leaders in Silicon Valley.

The public and private sectors have critical roles to play in creating a system that allows people to complete online transactions with greater confidence that their personal information is safe. Through its forthcoming National Strategy for Trusted Identities in Cyberspace (NSTIC), the administration aims to support private-sector cybersecurity innovations by focusing on establishing identity solutions and privacy-enhancing technologies that will make the online environment more secure and convenient for users and consumers. E-commerce worldwide is estimated at $10 trillion of business online annually.  Release | Remarks  |  Video  |  FAQ

See video

Secretary Locke Announces Initiative to Keep Internet Open for Innovation and Trade at Cybersecurity Forum

Submitted on September 23, 2010 - 12:45pm
Categories:

Secretary Locke speaking at cybersecurity forum in GeorgetownSpeaking today at the 5th annual Online Trust and Cybersecurity Forum at Georgetown Univeristy, Secretary Locke announced the official launch of an initiative aimed at preserving the global, free flow of information online to ensure that the Internet remains open for commercial opportunity and innovation. This initiative coincides with President Obama's message today in his speech at the U.N. General Assembly in which he reinforced America's commitment to "a free and open Internet."

The Commerce Department is seeking public comment on the extent to which evolving policies from governments around the world may be restricting information on the Internet and inhibiting innovation and economic growth for U.S. companies. The request will seek input from all stakeholders to better understand the types of emerging government policies that restrict online information, how they are adopted, and what impact they have on innovation, job creation, economic development, global trade and investment.


read more
  • Share

Secretary Locke Announces NIST to Lead National Initiative for Cybersecurity Education

Submitted on April 29, 2010 - 7:29pm
Categories:
Locke at podium.

U.S. Commerce Secretary Gary Locke announced today at the Business Software Alliance Cybersecurity Forum that the Commerce Department’s National Institute of Standards and Technology (NIST) will coordinate and facilitate the implementation of the Obama administration’s National Initiative for Cybersecurity Education (NICE). This initiative expands the government’s cyber security education efforts into a national focus that will establish an operational, sustainable and continually-improving cyber security education program for the public and private sectors focused on sound cyber practices. (More) (Remarks)

  • Share