National Cybersecurity FFRDC

Last updated

The National Cybersecurity FFRDC (NCF) is a federally funded research and development center (FFRDC) operated by MITRE Corporation. [1] It supports the U.S. National Institute of Standards and Technology's (NIST) National Cybersecurity Center of Excellence (NCCoE). NCF is the first and, as of March 2017, only federally funded research and development center dedicated solely to cybersecurity. [2] The NCF is located at 9700 Great Seneca Hwy in Rockville, Maryland.

The NCF's mission is to increase the cybersecurity of the business community by providing practical guidance, increasing the adoption rate of more secure technologies, and accelerating innovation. It supports the Department of Commerce's goal of protecting the economy. [2]

NCF also fosters public-private collaborations to identify and solve cybersecurity threats. [1] Through NIST's Work for Others Program, non-profits, and federal, state and local agencies can access the cybersecurity technologies and talent available at the NCF. [3]

History

The contract to operate the NCF was awarded in September 2014 by the NIST to the MITRE Corporation. The press release stated that "FFRDCs operate in the public interest and are required to be free from organizational conflicts of interest as well as bias toward any particular company, technology or product—key attributes given the NCCoE’s collaborative nature…The first three task orders under the contract allowed the NCCoE to expand its efforts in developing use cases and building blocks and provide operations management and facilities planning." [2]

Related Research Articles

The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical science laboratory programs that include nanoscale science and technology, engineering, information technology, neutron research, material measurement, and physical measurement. From 1901 to 1988, the agency was named the National Bureau of Standards.

<span class="mw-page-title-main">Mitre Corporation</span> American not-for-profit corporation

The Mitre Corporation is an American not-for-profit organization with dual headquarters in Bedford, Massachusetts, and McLean, Virginia. It manages federally funded research and development centers (FFRDCs) supporting various U.S. government agencies in the aviation, defense, healthcare, homeland security, and cybersecurity fields, among others.

A University Affiliated Research Center (UARC) is a strategic United States Department of Defense (DoD) research center associated with a university. UARCs are formally established by the Under Secretary of Defense for Research and Engineering. UARCs were developed to ensure that essential engineering and technology capabilities of particular importance to the DoD are maintained. They have many similarities with Federally Funded Research and Development Centers, including sole source funding under the authority of 10 U.S.C. § 2304(c)(3)(B). However, UARCs are allowed to compete for other science and technology work, except when it is prohibited by their contracts.

The Aerospace Corporation is an American nonprofit corporation that operates a federally funded research and development center (FFRDC) in El Segundo, California. The corporation provides technical guidance and advice on all aspects of space missions to military, civil, and commercial customers. As the FFRDC for national-security space, Aerospace works closely with organizations such as the United States Space Force and the National Reconnaissance Office (NRO) to provide "objective technical analyses and assessments for space programs that serve the national interest". Although the USSF and NRO are the primary customers, Aerospace also performs work for civil agencies such as NASA and NOAA as well as international organizations and governments in the national interest.

NCF may refer to:

Information security standards or cyber security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

<span class="mw-page-title-main">Institute for Defense Analyses</span> American non-profit corporation

The Institute for Defense Analyses (IDA) is an American non-profit corporation that administers three federally funded research and development centers (FFRDCs) – the Systems and Analyses Center (SAC), the Science and Technology Policy Institute (STPI), and the Center for Communications and Computing (C&C) – to assist the United States government in addressing national security issues, particularly those requiring scientific and technical expertise. It is headquartered in Alexandria, Virginia.

Federally funded research and development centers (FFRDCs) are public-private partnerships that conduct research and development for the United States Government. Under Federal Acquisition Regulation § 35.017, FFRDCs are operated by universities and corporations to fulfill certain long-term needs of the government that "...cannot be met as effectively by existing in-house or contractor resources." While similar in many ways to University Affiliated Research Centers, FFRDCs are prohibited from competing for work. There are currently 42 FFRDCs, each sponsored by one or more U.S. government departments or agencies.

The Common Weakness Enumeration (CWE) is a category system for hardware and software weaknesses and vulnerabilities. It is sustained by a community project with the goals of understanding flaws in software and hardware and creating automated tools that can be used to identify, fix, and prevent those flaws. The project is sponsored by the office of the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), which is operated by The MITRE Corporation, with support from US-CERT and the National Cyber Security Division of the U.S. Department of Homeland Security.

Control system security, or industrial control system (ICS) cybersecurity, is the prevention of interference with the proper operation of industrial automation and control systems. These control systems manage essential services including electricity, petroleum production, water, transportation, manufacturing, and communications. They rely on computers, networks, operating systems, applications, and programmable controllers, each of which could contain security vulnerabilities. The 2010 discovery of the Stuxnet worm demonstrated the vulnerability of these systems to cyber incidents. The United States and other governments have passed cyber-security regulations requiring enhanced protection for control systems operating critical infrastructure.

The National Strategy for Trusted Identities in Cyberspace (NSTIC) is a US government initiative announced in April 2011 to improve the privacy, security and convenience of sensitive online transactions through collaborative efforts with the private sector, advocacy groups, government agencies, and other organizations.

<span class="mw-page-title-main">Networking and Information Technology Research and Development</span> NiTRD

The Networking and Information Technology Research and Development (NITRD) program consists of a group of U.S. federal agencies to research and develop information technology (IT) capabilities to empower Federal missions; support U.S. science, engineering, and technology leadership; and bolster U.S. economic competitiveness.

Smart Grid Interoperability Panel or SGIP is an organization that defines requirements for a smarter electric grid by driving interoperability, the use of standard, and collaborating across organizations to address gaps and issue hindering the deployment of smart grid technologies.

The National Cybersecurity Center of Excellence (NCCoE) is a US government organization that builds and publicly shares solutions to cybersecurity problems faced by U.S. businesses. The center, located in Rockville, Maryland, was established in 2012 through a partnership with the National Institute of Standards and Technology (NIST), the state of Maryland, and Montgomery County. The center is partnered with nearly 20 market-leading IT companies, which contribute hardware, software and expertise.

<span class="mw-page-title-main">LaVerne H. Council</span> American government official

LaVerne H. Council, MBA, DBA was the Assistant Secretary for Information and Technology and Chief Information Officer for the Office of Information and Technology within the U.S. Department of Veterans Affairs. Council assumed this role in July 2015. President Obama nominated Council to the role in March 2015. Council was confirmed by the 114th Congress on June 23, 2015, making Council the first female CIO of a Cabinet-level federal agency. She managed a $4.2B Information Technology (IT) appropriation, the first centralized and only IT appropriation in the federal government.

<span class="mw-page-title-main">ANSER</span>

Analytic Services Inc., better known by its acronym ANSER, is a not-for-profit corporation that provides services, largely to the U.S. federal government, in several mission areas. Its headquarters are in Falls Church, Virginia.

<span class="mw-page-title-main">Andrew Bremberg</span> American lawyer and diplomat (born 1979)

Andrew P. Bremberg is an American attorney and political advisor who most recently served as Permanent Representative of the United States of America to the Office of the United Nations and Other International Organizations in Geneva. He previously served as Assistant to the President and the director of the Domestic Policy Council for U.S. President Donald Trump.

<span class="mw-page-title-main">American Innovation and Competitiveness Act</span>

The American Innovation and Competitiveness Act (AICA) is a United States federal law enacted in 2017 by President Barack Obama that aims to invest in cybersecurity and cryptography research. The legislation was initially introduced in the Senate by Cory Gardner (R-CO) and Gary Peters (D-MI). The legislation serves as a reauthorization of the 2010 America COMPETES Act that expired in 2013.

The Cybersecurity Maturity Model Certification (CMMC) is an assessment framework and assessor certification program designed to increase the trust in measures of compliance to a variety of standards published by the National Institute of Standards and Technology.

<span class="mw-page-title-main">National Center for Science and Engineering Statistics</span> Federal statistical agency of the United States

The National Center for Science and Engineering Statistics (NCSES) is one of the thirteen principal statistical agencies of the United States and is tasked with providing objective data on the status of the science and engineering enterprise in the U.S. and other countries. NCSES sponsors or co-sponsors data collection on 15 surveys and produces two key publications: Science and Engineering Indicators, and Women, Minorities, and Persons with Disabilities in Science and Engineering. Though policy-neutral, the data and reports produced by NCSES are used by policymakers when making policy decisions regarding STEM education and research funding in the U.S.

References

  1. 1 2 "National Cybersecurity FFRDC: Who We Are". www.mitre.org. The MITRE Corporation. Retrieved 2015-09-05.
  2. 1 2 3 Hernandez, Paul (2014-09-24). "NIST Awards Contract to MITRE to Support Cybersecurity Center of Excellence". U.S. National Institute of Standards and Technology. Retrieved 2017-03-02.
  3. "Work for Others". U.S. National Institute of Standards and Technology. Retrieved 2017-03-02.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.