CyberSecurity Updates

Credit: metamorworks/shutterstock.com In previous posts we discussed different ways to implement differential privacy, each of which offers some trade-off between privacy and utility. But what does “utility” mean, and how do we know we are preserving it? To discuss this topic, we are delighted to introduce another guest author in our blog series, Claire McKay Bowen, Lead Data Scientist for Privacy and Data Security at the Urban Institute. Claire’s research focuses on assessing the quality…

Read More

Credit: metamorworks/shutterstock.com In previous posts we discussed many aspects of differential privacy: what it is, what it is useful for, and how it is applied to data analysis problems. All of those ideas can be applied once you get your hands on a whole dataset. What if the data you are interested in extracting insights from belongs to mutually distrusting organizations? For example, say you run a pumpkin spice latte stand and are wondering if…

Read More

This week’s blog post highlighting Cybersecurity Awareness Month is from NIST’s Marian Merritt, Deputy Director and Lead for Industry Engagement for the National Initiative for Cybersecurity Education (NICE). In this post, Marian discusses ways to minimize cybersecurity risks for small businesses. How did you end up at NIST working on small business cybersecurity projects? Like many in the cybersecurity industry, my career path to my current role was anything but a straight line. I began in the…

Read More

This week’s blog post highlighting Cybersecurity Awareness Month is from NIST’s Rodney Petersen, Director of the National Initiative for Cybersecurity Education (NICE). In this post, Rodney discusses Cybersecurity Career Awareness Week, a week-long campaign that inspires and promotes the exploration of cybersecurity careers. What is your job at NIST? I am the Director of the National Initiative for Cybersecurity Education (NICE) in the Applied Cybersecurity Division that is part of the Information Technology Lab.  I am also the informal…

Read More

This week’s blog post highlighting Cybersecurity Awareness Month is from NIST’s Dr. Shaneé Dawkins, Computer Scientist in ITL’s Visualization and Usability Group. In this post, Shaneé  discusses Phishing attacks and scams, as well as ways to keep your information protected. How did you end up at NIST working on cybersecurity projects? I have been a computer scientist in ITL’s Visualization and Usability Group for about 10 years conducting research on the human aspects of information technology. At…

Read More

This week’s blog post highlighting Cybersecurity Awareness Month kicks off our series and is from NIST’s Dave Temoshok, Senior Advisor in the Information Technology Laboratory Applied Cybersecurity Division. In this post, Dave discusses how to “Be Cyber Smart” with passwords by using Multifactor Authentication best practices. How did you end up at NIST working on cybersecurity projects? I currently serve as the Senior Advisor in the NIST Information Technology Laboratory Applied Cybersecurity Division. In general, I am…

Read More

Credit: Shutterstock/Anton Balazh For the past many months, NIST has taken advantage of the shift to online events to deepen our international engagement. NIST looked overseas as we kicked off our virtual Cybersecurity Risk Management webinar series in May, along with our co-hosts from the Center for Cybersecurity Policy and Law.  The event on May 25 drew registrants from over 70 countries and we shared and heard perspectives on international cybersecurity risk management.  The event…

Read More

For years, NIST has been conducting research in the areas of human-centered design and evaluation, usable cybersecurity, public safety communication technology, augmented-reality usability, biometrics usability, human factors, and cognitive engineering. We asked Yee-Yin Choong, a Human Factors Scientist in the Visualization and Usability Group, Information Technology Laboratory at NIST about her research and experience working in this unique field. Yee-Yin’s research goal is to understand people’s perceptions, expectations, experiences, and behaviors of human-system interactions –…

Read More

Credit: metamorworks/shutterstock.com We are excited to introduce our fourth guest author in this blog series, Chike Abuah, PhD student in computer science at the University of Vermont, whose research expands the state of the art in the subject of this blog post: static and dynamic analysis approaches to automatic proofs of differential privacy. – Joseph Near and David Darais Previously, we have discussed some differentially private algorithms and implementation bugs which can cause these algorithms…

Read More

Credit: Shutterstock/Cagkan Sayin As part of our ongoing community engagement following the publication of four IoT cybersecurity draft documents in December 2020, NIST conducted a quartet of roundtable discussions in June 2021 focused on draft NISTIR 8259B, IoT Non-Technical Supporting Capability Core Baseline. The roundtables spanned four weeks, and addressed the four core capabilities defined in NISTIR 8259B as well as general discussions on applying the baseline: June 8:  Documentation June 15:  Information Reception and…

Read More