NIST cybersecurity center launches data consolidation effort
The National Cybersecurity Center of Excellence is looking for folks to join forces, share their technical expertise and provide products for its effort to create a system simplifying the integration process for companies in the financial services sector.
NCCoE — a partnership between the National Institute of Standards and Technology, the state of Maryland and Maryland’s Montgomery County — wants to create a model, standards-based system for financial services companies to use as a single comprehensive agent in integrating their hardware and software support, IT security and existing asset management.
“As in many organizations, IT assets in the financial services industry can range from company smartphones and laptops up through major database and network servers and office systems,” according to an NIST announcement. “Managing them is a complex task that goes far beyond simply keeping track of where they are. Software—both operating systems and programs—must be kept current with periodic upgrades and ‘patches,’ and the organization must be able to rapidly and seamlessly respond to new threats from malware or cyber-attacks.”
NCCoE seeks technology vendors interested in working on a “reference design” to show how companies can consolidate their existing data systems into one IT asset management system, or ITAM.
The goal of this effort, according to the NIST release, is to help companies answer questions about their IT assets’ operation and vulnerabilities. Companies can use this ITAM system, or similar systems, “to apply business and security rules dynamically to make better use of information assets and protect enterprise systems and data.”
Details of the challenge can be found in the recently released IT asset management use case — used in 2013 to request public comment and employed as input into the final version.