National Cybersecurity Center of Excellence (NCCoE) – Accelerating the Deployment and Use of Security Technologies

Blog Co-Author:  Christopher Ballister

The National Cybersecurity Center of Excellence (NCCoE) is a collaborative home for practical cybersecurity.  Ms. Donna Dodson serves as the Director and Mr. Nate Lesser serves as the Deputy Director.  The NCCoE is part of the Information Technology Laboratory (ITL) of the National Institute of Standards and Technology (NIST) – an agency of the Department of Commerce -- and is a public-private collaboration center for accelerating the widespread adoption of integrated cybersecurity tools and technologies.  NCCoE provides businesses with real-world cybersecurity solutions that are based on commercially available technologies.  It brings together experts from industry, government and academia to demonstrate integrated cybersecurity that is cost-effective, repeatable and scalable. 

NCCoE’s strategy is driven by the cybersecurity protection needs of American businesses. Its vision is to offer a secure cybersecurity infrastructure that inspires technological innovation and fosters economic growth through advanced cybersecurity.  The NCCoE’s mission is to accelerate adoption of secure technologies through collaboration with innovators to provide real-world cybersecurity capabilities that address business needs.  The three NCCoE’s goals are:

• Provide Practical Cybersecurity by helping people secure their data and digital infrastructure by equipping them with practical ways to implement cost-effective, repeatable and scalable cybersecurity solutions.
• Increase the Rate of Adoption by enabling companies to rapidly adopt commercially available cybersecurity technologies by reducing their total cost of ownership.
• Accelerate Effective Innovation by empowering innovators to creatively address businesses’ most pressing cybersecurity challenges in a state-of-the-art, collaborative environment.

NCCoE’s Engagement & Business Model is a straightforward four-step process:

• Define & Articulate:  Identify and describe the business problem; conduct market research: and vet project descriptions
• Organize & Engage:  Publish project descriptions and solicit responses; select technology collaborators; and execute a CRADA or cooperative research and development agreement
• Implement & Test:  Build example solution; test example solution; and identify gaps
• Transfer & Learn:  Collect documents; perform technology transfer; and document lessons learned

The objective of the NCCoE business model is to produce a set of easy-to-understand guidance to support decision-making and implement adoption of the example solution. 

NCCoE seeks problems that affect an entire sector, or multiple sectors.  They identify applicable standards and best practices and collaborate with creators of commercial, off-the-shelf products to use them in developing example solutions in their labs.  The final outcome is to publish NIST Cybersecurity Practice Guides (Special Publication series 1800), which include all of the information and instruction businesses need to deploy the use of secure, standards-based solutions. 

The current list of projects include:

• Attribute Base Access Control
• Data Integrity
• Derived PIV Credentials
• Mobile Device Security
• Privacy-Enhanced Identity Federation

And the current list of sectors where use cases are being developed include:

• Consumer/Retail Sector
• Energy Sector
• Financial Services Sector
• Healthcare Sector
• Public Safety/First Responders
• Transportation Sector

For example, the Data Integrity project ("Data Integrity: Recovering from a Destructive Malware Attack") is currently seeking technology vendors to participate in the development of an example solution. This was posted as a Federal Register Notice on June 1, 2016, in accordance with NCCoE’s formal process for seeking participation.

The NCCoE held its first Data Integrity Community of Interest (COI) call on July 27, 2016. It included a brief discussion of NCCoE goals and its operating model, followed by a presentation on how the NCCoE and COIs work together to move projects forward. Also presented was the current state and planned schedule of the Data Integrity project.

The goal of this project is to mitigate the impacts of data corruption when recovering systems from backup storage. The solution will provide guidance for incorporating post-attack data corruption detection and recovery strategies into a corporate IT architecture. The project will explore methods to address the integrity of commodity components (operating systems, applications, and software configurations), custom applications, and data (database and files) and provide corruption indicators and activity logs to the security analysts to identify the malicious activity. It will produce an architecture that includes components that will integrate notification of data corruption events coupled with approaches to automate recovery from such events.

This project will result in a NIST Cybersecurity Practice Guide—a publicly available description of the practical steps needed to implement a cybersecurity reference design.

For a full list of the projects and more details, please see the NCCoE website.

Listen to the Business of Government Hour interview with Nate Lesser, Deputy Director, NCCoE – a government executive who is changing the way government does business!