Category: XP

NIST Launches New Trustworthy and Responsible AI Resource Center

NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook

The National Institute of Standards and Technology (NIST) announces the launch of the NIST Trustworthy and Responsible AI Resource Center (AIRC), a one-stop-shop for foundational content, technical documents, and toolkits to enable responsible use of Artificial Intelligence (AI). The AIRC offers industry, government, and academic stakeholders knowledge of AI standards, measurement methods and metrics, datasets, and other resources. 

The launch of the AI Resource Center was announced during the White House Summit for Democracy held this week. The AIRC is part of NIST’s continued effort to promote a shared understanding and improve communication among those seeking to operationalize trustworthy and responsible AI. 

The Resource Center will facilitate implementation of trustworthy and responsible approaches such as those described in NIST’s AI Risk Management Framework (AI RMF). That voluntary Framework articulates and offers guidance for addressing the key building blocks of trustworthy AI in order to better manage risks to individuals, organizations, and society associated with AI.

The initial version of the AIRC, which will be expanded over time based on contributions from NIST and others, includes the AI RMF 1.0 and the first complete version of the  companion playbook. Content in the AI RMF Playbook can now be filtered by AI RMF function, topic, and AI actor role so that users can quickly isolate relevant information most useful to them. 

The AIRC includes access to a standards tracker about AI standards around the globe, along with a metrics hub to assist in test, evaluation, verification, and validation of AI. 

A trustworthy and responsible AI Glossary in the AIRC is being released in beta format as a spreadsheet as approaches to visualize the relationships between and among these terms continue to advance. A final glossary will be produced at a later date based on input from the community.
In addition, the new resource center will  be a repository for NIST technical and policy documents related to the AI RMF, the NIST AI publication series, as well as NIST-funded external resources in the area of trustworthy and responsible AI. 
The AIRC Engagements and Events page will include updates on how to engage with NIST on the topic of trustworthy and responsible AI. 

Sign up to receive email notifications about NIST’s AI activities here.

NCCoE Seeks Collaborators for New Healthcare Sector Project

Become a Collaborator on the Mitigating Cybersecurity Risk in Telehealth Smart Home Integration Project
The National Cybersecurity Center of Excellence (NCCoE) has issued a Federal Register Notice (FRN) inviting industry participants and other interested collaborators to participate in the Mitigating Cybersecurity Risk in Telehealth Smart Home Integration Project.

The NCCoE Healthcare project team will build an environment that will model patients’ use of smart speakers in a telehealth ecosystem. The goal of this project is to identify and mitigate cybersecurity and privacy risks associated with these ecosystems. This project will result in a publicly available NIST Cybersecurity Practice Guide.

There are two ways to join the NCCoE for this project:

Become an NCCoE Collaborator – Collaborators are members of the project team that work alongside the NCCoE staff to build the demonstration by contributing products, services, and technical expertise.

Get Started Today – If you are interested in becoming an NCCoE collaborator for the Mitigating Cybersecurity Risk in Telehealth Smart Home Integration project, first review the requirements identified in the Federal Register Notice. To become a collaborator, visit the project page to see the final project description and request a Letter of Interest (LOI) template--you will then receive a link to download the LOI template. 

Go to the project page here

Complete the LOI template and send it to the NCCoE Healthcare team at hit_nccoe@nist.gov.

Join our Community of Interest – By joining the NCCoE Healthcare Community of Interest (COI), you will receive project updates and the opportunity to share your expertise to help guide this project. Request to join our Healthcare COI by visiting our project page.

If you have any questions, please contact our project team at hit_nccoe@nist.gov.

NIST Cybersecurity White Paper: Security Segmentation in a Small Manufacturing Environment

What is this paper about?

As manufacturers are increasingly targeted in cyberattacks, any
gaps in cybersecurity leave small manufacturers vulnerable to attacks. Small
manufacturers tend to operate facilities with limited staff and resources,
often causing cybersecurity to fall by the wayside as something that costs too
much time and money. Additionally, bringing together various cybersecurity
standards, frameworks, and guides to derive a coherent action plan is a
challenge even for those experienced in cybersecurity.

Security segmentation is a cost effective and efficient security
design approach for protecting cyber assets by grouping them based on their
communication and security requirements. This paper outlines a practical
six-step approach, incorporating the NIST
Cybersecurity Framework (CSF) and NIST IR 8183 Cybersecurity Framework: Manufacturing Profile
(“CSF Manufacturing Profile”), that manufacturers can follow to implement
security segmentation and mitigate cyber vulnerabilities in their manufacturing
environments.

The NIST Cybersecurity White Paper: Security Segmentation in a Small
Manufacturing Environment is now available free of charge.

Let us know what you think!

Questions? Email our team at manufacturing_nccoe@nist.gov with your
feedback and let us know if you would like to join the Manufacturing community
of interest. We value and welcome your input.

Project Page

NIST has extended the deadlines to submit comments

 There’s Now Extra Time to Comment…Please Share Your Feedback on
our Three NIST Identity Guidance Items!

NIST has extended the deadlines to submit comments to drafts of
three key pieces of guidance related to digital identity:

  1. Digital Identity Guidelines
    (NIST SP 800-63-4) |     Extended until April 14, 2023 NIST
    SP 800-63 intends to respond to the changing digital landscape that has
    emerged since the last major revision of this suite was
    published in 2017—including the real-world implications of online risks.
    The guidelines present the process and technical requirements for meeting
    digital identity management assurance levels for identity proofing,
    authentication, and federation, including requirements for security and
    privacy as well as considerations for fostering equity and the usability
    of digital identity solutions and technology.
  2. Guidelines for Derived Personal Identity
    Verification (PIV) Credentials     (NIST SP 800-157r1) | Extended until April 21,
    2023     NIST SP 800-157 has been
    revised to feature an expanded set of derived PIV credentials to include
    public key infrastructure (PKI) and non-PKI-based phishing-resistant
    multi-factor authenticators.
  3. Guidelines for Personal Identity Verification (PIV)
    Federation
    (NIST SP 800-217) | Extended
    until April 21, 2023     NIST SP 800-217 details
    technical requirements on the use of federated PIV identity and the
    interagency use of assertions to implement PIV federations backed by PIV
    identity accounts and PIV credentials.

Read More

You’re invited to attend Microsoft Secure

You are invited to attend a
new security digital event – Microsoft Secure on March 28, 2023 8:30AM –
2:30PM Pacific Time (UTC-08:00). Registration is now open.

Register now

Why
join Microsoft Secure?

If
you attended last year’s Microsoft Security Summit, Microsoft Secure is
even bigger and better.By joining our very first Microsoft Secure,
you’ll: 

  • Hear exciting product announcements and
    demos
    to help you protect more with less.
  • Gain insights from
    experts, including Brad
    Smith    , Charlie
    Bell, Joy Chik,     and many more.
  • Get actionable steps from
    breakout
    sessions     on extended detection and response (XDR),
    multicloud security, cloud-managed endpoints, Zero Trust, built-in
    security configurations and more.
  • Connect with your peers
    and have your product and strategy questions answered by Microsoft
    experts in a live
    chat Q&A    .

Register now to
catch our upcoming announcements. Be sure to follow Microsoft
Security on LinkedIn, Twitter,
and our Blog for the
latest news and event information.

 

 

 

Windows XP and Microsoft Office 2003 time to Upgrade

 

Windows XP SP3 and Office 2003

Support Ends April 8, 2014

So what can you do now? If you are a home user or have a small business here is some simple steps to follow.

1st look at you business applications and se if they will run on Windows 7 or Vista. If the app works on Vista should work on windows 7.

Then look at your hardware is there driver(s)  for Windows 7. Your can use the Windows upgrade advisor to learn about your computer and understand what hardware and software will be issues.

When you use the upgrade advisor do your self a favor and connect ALL you devices to the computer 1st then run the advisor..

If your hardware is good to go and you have your software original disk, then BACKUP you computer and verify it a good copy. As when you install Windows 7 you will be formatting your hard drive and will loose all your data, a idea I tell user to do is to buy a new hard drive and put the new operating system on that, that way you can test and verify that the hardware and all your device work. Then if you buy Windows 7 Profession or higher you can use XP more for application that will only work in XP and not on windows 7 …

If the Hardware is old  and you do not want to buy a new computer, and your computer can run Windows 7 switching out the hard drive is a good idea anyway as that is the the one of the 2 items that fail in an old computer. Power supply being the second.

For more information click here

For business users you should look a

Microsoft Deployment Toolkit (MDT) to accelerate and automate deployments of Windows 7, Windows Server 2008 R2, Windows Vista, Windows XP, Windows Server 2008, and Microsoft Office products.

For more information click here

 

 

Windows 8 Information

Today the Springboard site went live with content about windows 8 !!!!!

This is the go to site for Information about windows 8. The site has content  about the following subjects

To learn more  go http://technet.microsoft.com/windows/windows-8.

Essential Downloads