NIST Researchers Receive Award for Manufacturing Cybersecurity Guidelines, Achieving Wider Use

Ransomware Attackers Have Code to Halt Critical Infrastructure

February 15, 2022

One Year Later: Winter Storm Uri – ACORE

February 15, 2022

Published by Certrec on February 15, 2022

Tags

Go to Source February 15, 2022

On January 12, 2022, NIST presented the Department of Commerce Bronze Medal to Keith Stouffer, Timothy Zimmerman, CheeYee Tang, Michael Pease, and Jeffrey Cichonski for developing and disseminating the first, detailed cybersecurity guidelines for small and medium-sized manufacturers.

In 2018, an assessment by the DOC Bureau of Industry and Security documented that fewer than half of small and medium-sized manufacturers had any cybersecurity measures in place. Yet, growing automation and Internet connectivity made systems more vulnerable to attack and hackers were increasingly targeting them.

These NIST researchers recognized the need to secure these systems. They developed NISTIR 8183 Cybersecurity Framework (CSF) Manufacturing Profile (subsequently updated to Version 1.1) and corresponding NISTIR 8183A Implementations Guide, Volumes 1, 2, and 3 to help small and medium-sized manufacturers manage cybersecurity risk, while also optimizing their operations. These publications are tailored to manufacturing business goals and industry best practices. They provide small and medium-sized manufacturers with an easy-to-understand process to efficiently select and deploy cybersecurity tools and techniques that best fit their needs, making cybersecurity no longer a “black art.”

Researchers based the NIST guidelines on quantitative network and operational performance impact measurements of cybersecurity technologies (e.g., industrial firewalls, intrusion detection systems, anti-virus software, etc.). Researchers made these measurements in a testbed representative of manufacturing environments. Researchers also helped to develop industry consensus for the guidelines and promoted their adoption.

The Manufacturing Extension Partnership (MEP) selected the guidelines as the basis for cybersecurity implementation guidance for small and medium-sized Department of Defense (DoD) suppliers, as well as for piloting cybersecurity program implementations at two MEP member companies that supply to DoD. Results from the pilot are being used to provide cybersecurity implementation guidance to small and medium-sized manufacturers across the U.S. via the national network of MEP centers. In addition, the Department of Homeland Security’s Critical Manufacturing Sector Cybersecurity Working Group expressed its thanks to “NIST and its other contributors for developing and updating this outstanding and valuable manufacturing profile for our sector.”

Certrec

Comments are closed.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.