Federal officials unveiled details of a new public-private partnership aimed at speeding industry’s development of secure information technology products.
The new National Cybersecurity Center of Excellence (NCCoE) launched in February is a project of the National Institute of Standards and Technology (NIST). It aims to bring companies together to create and discuss security management solutions that can be used by agencies and private companies.
Acting Executive Director Donna Dodson on Tuesday said NCCoE’s vision is to provide a world-class collaborative environment for integrating cybersecurity solutions that stimulate economies and national economic groups.
Initially, the center will focus on adopting secure health IT products and gradually focus on other areas such as cloud and mobile computing, based on industry’s needs and challenges.
“We do not envision building our own solution from scratch. What we want to do is work collaboratively … to do that in conjunction with industry,” she said.
Here’s how the center will operate:
Step 1: Engage the business community.
Step 2: Propose “use cases”.
Step 3: Select applicable IT components.
Step 4: Generate feedback and implement new cyber prototype solutions.
To engage businesses, the center plans to conduct what it calls “deep dive” workshops, in which it gathers inputs from a broad variety of groups to address a specific challenge.
The center will engage all participants — small businesses, large businesses, the academic sector and federal agencies alike — to develop an integrated solution that has clear benefits for particular industry sectors. The goal is to find integrated, affordable and useful security tools for all technology consumers.
“Federal agencies are one of those business communities that rely on a commercial product to build infrastructures that support their business needs,” said Matt Scholl, deputy chief of NIST’s Computer Security Division.
The need is especially great in the health care arena. A collaborative, “use case” example was the work NCCoE has done with Health IT solutions with the Health and Human Services Department.
NIST Director Dr. Patrick Gallagher said that between 2005 and 2008, 230 million electronic records were breached, which included 40 million electronic medical records, according to the American National Standards Institute. In November 2001, a study showed 96 percent of healthcare providers responding to a survey reported at least one data breach in the last two years.
The $10 million center operates at a state-of-the-art computing facility near NIST’s Gaithersburg, Md., campus.
View video from the NIST workshop