Search Publications

Displaying 351 - 375 of 2846

Linha de Base do Nucleo de Recursos de Ciberseguranca de Dispositivos IoT

March 31, 2021

Author(s)

Michael Fagan, Katerina N. Megas, Matt Smith, Karen Scarfone

Os recursos de cibersegurança dos dispositivos são funções que os dispositivos de computação fornecem através dos seus próprios meios técnicos (ex: hardware e software do dispositivo). Esta publicação define uma linha de base dos recursos de cibersegurança

Referencia basica de las capacidades de ciberseguridad de los dispositivos de IoT

March 31, 2021

Author(s)

Michael Fagan, Katerina N. Megas, Matt Smith, Karen Scarfone

Las capacidades de ciberseguridad de dispositivo son características o funciones de ciberseguridad que los dispositivos informáticos proporcionan por sus propios medios técnicos (es decir, el hardware y el software del dispositivo). Esta publicación define

Securing Property Management Systems

March 30, 2021

Author(s)

Bill Newhouse

Hotels have become targets for malicious actors wishing to exfiltrate sensitive data, deliver malware, or profit from undetected fraud. Property management systems, which are central to hotel operations, present attractive attack surfaces. This example

Consideraciones para la gestion de riesgos a la ciberseguridad y la privacidad de internet de las cosas (IoT)

March 29, 2021

Author(s)

Katie Boeckl, Michael Fagan, Bill Fisher, Naomi Lefkovitz, Katerina N. Megas, danna o'rourke, Karen Scarfone, Benjamin Piccarreta, Ellen Nadeau

La internet de las cosas (IoT) es un conjunto de diversas tecnologías que evolucionan y se difunden con rapidez, y que interactúan con el mundo físico. Muchas organizaciones no se dan cuenta del gran número de dispositivos de IoT que ya están utilizando

Consideracoes para Gerenciar Riscos de Privacidade e Seguranca Cibernetica na Internet das Coisas (IoT)

March 29, 2021

Author(s)

Katie Boeckl, Michael Fagan, Bill Fisher, Naomi Lefkovitz, Katerina N. Megas, Ellen Nadeau, Benjamin Piccarreta, Karen Scarfone, Danna O'Rourke

A Internet das Coisas (IoT) é uma coleção em rápida evolução e expansão de diversas tecnologias que interagem com o mundo físico. Muitas organizações não estão necessariamente cientes do grande número de dispositivos IoT que já estão usando e como eles

Workshop Summary Report for "Cybersecurity Risks in Consumer Home Internet of Things (IoT) Devices" Virtual Workshop

March 29, 2021

Author(s)

Michael Fagan, Katerina N. Megas, Barbara Bell Cuthill, Mary Raguso, John Wiltberger

This report provides a summary of the discussion and findings from the NIST Cybersecurity Risks in Consumer Home IoT Devices virtual workshop in October 2020. NIST Interagency Report (NISTIR) 8259, Foundational Cybersecurity Activities for IoT Device

Cybersecurity Standards and Guidelines to Assist Small and Medium-Sized Manufacturers

March 21, 2021

Author(s)

Timothy Zimmerman, CheeYee Tang, Michael Pease, Keith A. Stouffer

Cybersecurity standards and guidelines produced by NIST can assist small and medium-sized manufacturers to protect their operational technology from cybersecurity threats. NIST cybersecurity standards, guidelines, and research underway at NIST is described

Pandemic parallels: What can cybersecurity learn from COVID?

March 15, 2021

Author(s)

Steven Furnell, Julie Haney, Mary Theofanos

While the threats may appear to be vastly different, further investigation reveals that the cybersecurity community can learn much from the COVID-19 response.

The NIST Phish Scale: Method for rating human phishing detection difficulty

March 15, 2021

Author(s)

Shanee Dawkins, Jody Jacobs, Kristen K. Greene

Developed based on over 4 years of NIST phishing training data, the NIST Phish Scale is a DIY method for rating human phishing detection difficulty – key to understanding variability in phishing click rates.

Designing Trojan Detectors in Neural Networks Using Interactive Simulations

February 20, 2021

Author(s)

Peter Bajcsy, Nicholas J. Schaub, Michael P. Majurski

This paper addresses the problem of designing trojan detectors in neural networks (NNs) using interactive simulations. Trojans in NNs are defined as triggers in inputs that cause misclassification of such inputs into a class (or classes) unintended by the

Optimal Cybersecurity Investments for SIS Model

February 15, 2021

Author(s)

Van Sy Mai, Richard La, Abdella Battou

We study the problem of minimizing the (time) average security costs in large systems comprising many interdependent subsystems, where the state evolution is captured by a susceptible-infected-susceptible (SIS) model. The security costs reflect security

Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171

February 9, 2021

Author(s)

Ronald S. Ross, Victoria Pillitteri, Gary Guissanie, Ryan Wagner, Richard Graubart, Deborah Bodeau

The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the Federal Government to successfully conduct its essential

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations [including updates as of 01-28-2021]

January 28, 2021

Author(s)

Ronald S. Ross, Victoria Pillitteri, Kelley Dempsey, Mark Riddle, Gary Guissanie

The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its essential