Archive

Archive for the ‘National Institute of Standards and Technology’ Category

NIST — Supplemental Guidance on Ongoing Authorization Transitioning to Near Real-Time Risk Management

June 10, 2014 Comments off

Supplemental Guidance on Ongoing Authorization Transitioning to Near Real-Time Risk Management (PDF)
Source: National Institute of Standards and Technology

Office of Management and Budget (OMB) Memorandum M-14-03, Enhancing the Security of Federal Information and Information Systems, stated that, “Our nation’s security and economic prosperity depend on ensuring the confidentiality, integrity and availability of Federal information and information systems” and directs the National Institute of Standards and Technology (NIST) to publish guidance establishing a process and criteria for federal agencies to conduct ongoing assessments and authorization. The following additional guidance amplifies current NIST guidance on security authorization and ongoing authorization (OA) contained in Special Publications 800-37, 800-39, 800-53, 800-53A, and 800-137. This guidance does not change current OMB policies or NIST guidance with regard to risk management, information security, security categorization, security control selection, implementation, assessment, continuous monitoring, or security authorization.

About these ads

NIST Releases 2013 Department of Commerce Technology Transfer Report

May 12, 2014 Comments off

NIST Releases 2013 Department of Commerce Technology Transfer Report
Source: National Institute of Standards and Technology

The National Institute of Standards and Technology (NIST) has released the Department of Commerce’s (DOC) 2013 Technology Transfer Report. The annual report summarizes the technology transfer activities of its three federal laboratories: NIST, the National Oceanic and Atmospheric Administration (NOAA), and the Institute for Telecommunication Sciences (ITS) of the National Telecommunications and Information Administration (NTIA).

In response to a Presidential Memorandum on accelerating technology transfer, this report also summarizes the actions DOC is taking to establish goals and measure performance, streamline administrative processes, and facilitate local and regional partnerships to accelerate technology transfer and support private-sector commercialization.

The many innovations emerging from DOC labs in 2013 include NIST fire researchers’ development and deployment of a new NIST test for firefighter breathing equipment. Under high heat conditions, facepiece lenses have been found to bubble, deform, and develop holes or crazes, exposing a firefighter to toxic gases, potentially resulting in burns to the respiratory tract and asphyxiation. As of Sept. 1, 2013,standard firefighter breathing equipment cannot be certified to National Fire Protection Association (NFPA) standards unless the facepiece lenses pass a new rigorous test, developed by NIST, designed to reduce the degradation and possible failure of the facepiece lens under high-heat firefighting conditions.

The National Oceanographic and Atmospheric Administration (NOAA) reports on how their operations in the areas of weather and climate analysis and forecasts form the backbone of a thriving Weather and Climate Enterprise. This $5 billion industry serves to protect and serve the $3 trillion portion of the U.S. economy that is weather sensitive, including industries related to agriculture, energy, construction, health, travel and transportation.

Framework for Improving Critical Infrastructure Cybersecurity

February 24, 2014 Comments off

Framework for Improving Critical Infrastructure Cybersecurity (PDF)
Source: National Institute of Standards and Technology

The national and economic security of the United States depends on the reliable functioning of critical infrastructure. Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, placing the Nation’s security, economy, and public safety and health at risk. Similar to financial and reputational risk, cybersecurity risk affects a company’s bottom line. It can drive up costs and impact revenue. It can harm an organization’s ability to innovate and to gain and maintain customers.

To better address these risks, the President issued Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” on February 12, 2013, which established that “[i]t is the Policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.” In enacting this policy, the Executive Order calls for the development of a voluntary risk-based Cybersecurity Framework – a set of industry standards and best practices to help organizations manage cybersecurity risks. The resulting Framework, created through collaboration between government and the private sector, uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on businesses.

The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. The Framework consists of three parts: the Framework Core, the Framework Profile, and the Framework Implementation Tiers. The Framework Core is a set of cybersecurity activities, outcomes, and informative references that are common across critical infrastructure sectors, providing the detailed guidance for developing individual organizational Profiles. Through use of the Profiles, the Framework will help the organization align its cybersecurity activities with its business requirements, risk tolerances, and resources. The Tiers provide a mechanism for organizations to view and understand the characteristics of their approach to managing cybersecurity risk.

Benefits and Costs of Energy Standard Adoption in New Commercial Buildings: State-by-State Summaries

November 12, 2013 Comments off

Benefits and Costs of Energy Standard Adoption in New Commercial Buildings: State-by-State Summaries
Source: National Institute of Standards and Technology

Energy efficiency requirements in current commercial building energy codes vary across states. Energy standards that are currently adopted by states range from ASHRAE 90.1 1999 to ASHRAE 90.1 2007. Some states do not have a code requirement for energy efficiency, leaving it up to the locality or jurisdiction to set their own requirements. The six National Institute of Standards and Technology (NIST) Special Publications (1147, 1148-1, 1148-2, 1148-3, and 1148-4) use the Building Industry Reporting and Design for Sustainability (BIRDS) database to analyze the impacts that the adoption of newer, more efficient commercial building energy codes would have on building energy use, operational energy costs, building life-cycle costs, and energy related carbon emissions for each state by Census Region. This study summarizes the results from the series of documents for each of the 50 states into a two-page section.

Biological Evidence Preservation: Best Practices for Evidence Handlers

October 29, 2013 Comments off

Biological Evidence Preservation: Best Practices for Evidence Handlers (PDF)
Source: National Institute of Standards and Technology

The Biological Evidence Preservation Handbook offers guidance for individuals involved in the collection, examination, tracking, packaging, storing, and disposition of biological evide nce. This may include crime scene technicians, law enforcement officers, healthcare professionals, forensic scientists, forensic laboratory managers, evidence supervisors, property managers, storage facility personnel, lawyers, testifying experts, court staff members, and anyone else who may come in contact with biological evidence. While many of the recommendations relate to the physical storage, preservation, and tracking of evidence at the storage facility, this handbook also covers the transfer of the material between the storage facility and other locations and discusses how the evidence should be handled at these other locations.

This report is divided into five main sections that detail issues and make recommendations related to biological evidence storage, tracking, preservation, and disposition . A glossary, which provides standard definitions of the technical terms used in this report, follows these sections.

Knowing Exposure Risks Important to Saving Structures from Wildfires

September 5, 2013 Comments off

Knowing Exposure Risks Important to Saving Structures from Wildfires
Source: National Institute of Standards and Technology

A recent study of one of California’s most devastating wildland fires by the National Institute of Standards and Technology (NIST) and the U.S. Forest Service (USFS) strongly suggests that measures for reducing structural damage and property loss from wildland urban interface (WUI)* fires are most effective when they are based on accurate assessments of exposure risks both for individual structures and the community as a whole.

The report also describes how the NIST-USFS WUI Hazard Scale provides a state-of-the-art tool for making such assessments and how that data could be linked to improved building codes, standards and practices that will help communities better resist the threat of wildfires.
The Witch Creek/Guejito WUI fire (commonly known as the Witch Fire) was the largest of a series of wildfires that began burning across Southern California on Oct. 20, 2007. It affected areas north and northeast of San Diego, starting in Witch Creek Canyon near Santa Ysabel and quickly spreading westward toward the coast because of strong Santa Ana winds. The Witch Fire burned some 80,000 hectares (nearly 200,000 acres), destroyed more than 1,600 structures, caused an estimated $1.8 billion in property damages and cost $18 million to fight. It also was responsible for two civilian deaths and 39 firefighter injuries.

A NIST-USFS WUI team worked in collaboration with the California Department of Forestry and Fire Protection (CAL FIRE) and the City of San Diego to collect post-incident data within the Witch Fire perimeter. The team focused its effort on The Trails development at Rancho Bernardo, north of San Diego. There were 274 homes in The Trails, with 245 within the fire perimeter. Seventy-four homes were completely destroyed and 16 were partly damaged. Field measurements made by the NIST team included structure particulars, specifically roof type; proximity of combustibles to the structure; and damage to wildland and residential vegetation. Documentation included more than 11,000 photographs.

NIST Offers Guidance on Building 21st-Century Forensic Labs

July 17, 2013 Comments off

NIST Offers Guidance on Building 21st-Century Forensic Labs
Source: National Institute of Standards and Technology

A new NIST handbook offers advice for law enforcement agencies on the planning, design, construction, and relocation of forensic science laboratories. A detailed how-to guide, the document not only outlines the process of creating a new crime lab from start to finish, but also provides guidance on integrating the latest scientific developments, efficiency improvements, and sustainability practices.

The handbook is intended for laboratory directors, architects, designers, builders, and others who have an interest in planning and constructing the 21st-century crime lab. The new Forensic Science Laboratories: Handbook for Facilities Planning, Design, Construction, and Relocation is available as a pdf file at http://www.nist.gov/manuscript-publication-search.cfm?pub_id=913987.

Follow

Get every new post delivered to your Inbox.

Join 899 other followers