The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Bill Newhouse - National Institute of Standards and Technology (NIST)

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

Challenges at the NIST National Cybersecurity Center of Excellence

Mar 23, 2022

Download: Video Icon MP4 Video Size: 432.5MB  
Watch on Youtube Watch on YouTube

Abstract

What kind of projects does one get to lead at an applied cybersecurity center within the National Institute of Standards and Technology (NIST)?

This talk will offer insight on the cybersecurity challenges being addressed by projects
led by the speaker since he began working at the National Cybersecurity Center of Excellence in 2016. The talk will touch upon the establishment of collaborative team made up of industry, academic, and government members for each project, and discuss how each project leverages a cybersecurity standard or best practice in the functional reference designs built for each project. Throughout each phase of each project, we seek to collaborate, share (document in NIST Special Publication 1800 series practice guides), and advocate for the adoption of our work.

This talk will offer some insight into the evolving series of NIST Special Publications known as practice guides (or 1800 series documents) and how these publications connect with the foundational NIST Special Publications in the 800series that are often used to set Federal government standards in computer security, information security, and cybersecurity while often being voluntarily adopted as guidance and standards by industry. This talk aims to leave enough time to address questions and explore whether the audience has new challenges that should become an NCCoE project in the future. At some point during the lecture, the following terms or phrases will be used: cybersecurity framework (functions, categories, subcategories), privacy framework, risk management framework, security and privacy controls, mitigating cybersecurity and privacy risk.

About the Speaker

Bill Newhouse
Bill Newhouse is a cybersecurity Engineer at the National Cybersecurity Center of Excellence (NCCoE) in the Applied Cybersecurity Division in the Information Technology Laboratory at the National Institute of Standards and Technology(NIST).

His work pushes for the adoption of functional cybersecurity reference designs built from commercially available technologies in the NCCoE lab. These projects rely on establishing communities of interest with members from industry,academia, and government to gain insight and passion about the areas of cybersecurity risk that need to be addressed and result in publications known as practice guides. Mr. Newhouse has completed practices guides focused on the hospitality, retail, and Federal sectors.

In October 2020, he began a cybersecurity collaboration with the U.S.Department of Energy to research and develop cybersecurity risk management tools for the storage, transportation, and handling of energy resources within the ports of our maritime transportation system. His responsibilities also include identifying ways to include financial services sector use case scenarios in NCCoE projects/practice guides.

Mr. Newhouse held the position of deputy director for NIST's National Initiative for Cybersecurity Education (NICE) where he promoted the use of the NICE Framework in education, training, and workforce development activities that grow the number of people who are prepared to mitigate cybersecurity risk.

Mr. Newhouse began his Federal career over 35 years ago at NSA as a cooperative education student. During his 23 years at NSA, his work shifted from telecommunication systems to information assurance. His final five years at NSA were spent in the Office of the Secretary of Defense initially with the Assistant Secretary of Defense for Research and Engineering and then with the Office of the Chief Information Officer for Identity and Information Assurance focused on cybersecurity R&D oversight and technology discovery. For over a decade, he represented OSD and then NIST at Federal cybersecurity focused R&D working groups and contributed to three different Federal cybersecurity R&D Strategic Plans.

Mr. Newhouse received a Bachelor of Science in Electrical Engineering from the Georgia Institute of Technology and a Master of Science in the Field of Telecommunications Engineering from the George Washington University.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!