The final guide goes beyond the traditional NIST standard document. It is a detailed example of how an electric utility company can improve the security of its information technology and operational technology by creating a converged IdAM platform to provide a comprehensive view of all users and their access rights across the enterprise. This can reduce the risk of malicious or untrained people gaining unauthorized access to critical infrastructure components and interfering with their operation, thereby lowering overall business risk.
Arch Street is honored to have played a small role in the development of the guide as a member of the Energy Community of Interest which advised the NCCoE team on key elements of the IdAM guide.
Astronomers from the United States made a major discovery of the origin of cosmic rays made using a complex mix of high-tech instruments and observatories located around the globe including at the South Pole and in space. This technique known as multi-messenger astronomy has the potential to unlock numerous mysteries of the galaxy and usher in a new era of science.
The lead observatory — the IceCube Neutrino Observatory — funded by the National Science Foundation and operated by the University of Wisconsin is a leading-edge detector that looks up through the earth to detect tiny neutrinos flowing through our planet and ourselves. It was conceived and built in the 1990’s when scientists theorized that neutrinos existed by were not yet detected. Tim Clancy of Arch Street helped advocate for IceCube funding as part of the NSF budget request and led delegations to the South Pole to inspect the construction of the experimental observatory.
The Air Force Research Lab is interested in incubator and accelerator programs that can help developers explore the potential military use of commercial technologies. AFRL Space Vehicles program manager, Air Force Captain Jacob Singleton noted in a recent interview that the lab currently works with accelerators that invest in space platforms while other AFRL directorates focus on other technology areas.
“Our strength is in bringing a new perspective to their product as a potential customer, letting them know what the Armed Forces needs and how they could adapt their product or service to make that happen,” he added.
Arch Street is pleased to work with NYSTEC which is an Air Force partner for commercialization and tech transfer through NYSTEC’s IgniteUNY initiative. We see greater interest in technology commercialization across all federal agencies and laboratories and look forward to expanding and extending the very successful IgniteU model to multiple federal research partners.
The New America Foundation has released a new report on U.S. cybersecurity efforts at the state-level. The report focuses on three key areas: responding to cyber incidents, protecting critical infrastructure, and supporting the development of a cyber workforce. One notable recommendation is a call for greater formalization and institutionalization of federal-state functions such as cyber information sharing. Such activities tend to succeed on personal relationships and connections but often decline when key individuals leave or change responsibilities.
The U.S. National Institutes of Standards and Technology (NIST) is taking public comments on its major risk management publication (SP 800-37) for information systems. This document provides guidelines for applying the NIST Risk Management Framework (RMF) to information systems and organizations.
The RMF includes a disciplined, structured, and flexible process for organizational asset valuation; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring. It also includes activities to help prepare organizations to execute the RMF at the information system level. The RMF promotes the concept of near real-time risk management and ongoing system and common control authorization through the implementation of continuous monitoring processes; provides senior leaders and executives with the necessary information to make efficient, cost-effective, risk management decisions about the systems supporting their missions and business functions; and integrates security and privacy into the system development life cycle. Use of the NIST RMF is mandated for federal information systems by the Federal Information Security Management Act (FISMA).
The presenter will be Dr. Paul Losiewicz, Senior Scientific Advisor at Quanterion Solutions Incorporated and the Cybersecurity and Information Systems Information Analysis Center (CSIAC).
The webinar will cover DoD policy concerns and current R&D efforts in the field of cybersecurity & critical infrastructure protection. Topics will include Weasel Board being developed at Sandia National Laboratory, More Situational Awareness for Industrial Control Systems (MOSAICS), sponsored by PACOM and NORTHCOM, and recent policy concerns relating to cyber security and Utilities Privatization of Critical Infrastructure. This webinar will also report the results of a panel discussion from the DHS Joint Industrial Control Systems Working Group (JICSWG) meeting April 9-11 at Albuquerque NM.