Cyber Security Building Block

Tuesday, September 24, 2013 @ 04:09 PM gHale


You can’t secure what you don’t know you have.

The problem is there are quite a few companies out there that truly don’t know what they have and how to protect it.

That is where the National Cybersecurity Center of Excellence (NCCoE) comes into play.

RELATED STORIES
Firing Up a Security Framework
DoE Awards to Boost Security Tools
Petrobras Moves to Hike Security
NIST Grants to Improve Security, Privacy

The Center, a National Institute of Standards and Technology (NIST) entity, proposed a new “building block” that will help organizations inventory and assess the state of installed software across their IT systems, which should contribute to enhanced security.

The NCCoE is asking the public to comment on the draft building block document. The comment period is open until October 14, 2013. An October 3 workshop will kick off the project.

The NCCoE works with industry, academic and government experts to find practical solutions for businesses’ most pressing cyber security needs. The NCCoE collaborates to build open, standards-based, modular, end-to-end solutions that are broadly applicable and help businesses more easily comply with standards and regulations.

Building blocks are an example of cyber security implementations that apply to multiple industry sectors and should end up incorporated into the center’s sector specific use cases. This exploration of software asset management capabilities is the first building block related to continuous monitoring. It is a collaboration among NCCoE, NIST’s Information Technology Lab, and the Department of Homeland Security, General Services Administration, and National Security Agency.

This building block proposes a standardized approach to software asset management so an organization has an integrated view of software throughout its lifecycle. The building block will support:
• Authorization and verification of software installation media. It verifies media is from a trusted software publisher and the installation media has not been tampered with
• Software execution whitelisting verifies software can run and has not been tampered with
• Publication of installed software inventory. This is where a device securely communicates what software is installed to an organization-wide database
• Software inventory-based network access control. This is where device’s level of access to a network is determined by what software is or is not present on the device and whether its patches are up to date

The NCCoE’s work to develop building blocks and resolve use cases results in solution sets, publicly available descriptions of the practical steps needed to implement a cyber security solution.

Click here to view document “Continuous Monitoring: Software Asset Management.”

Comments should email to the center by October 14.

Click here to learn more about the October 3 workshop.



Leave a Reply

You must be logged in to post a comment.