NIST Releases Finalized PNT Service Cybersecurity Guidance; Jim McCarthy Quoted

NIST Releases Finalized PNT Service Cybersecurity Guidance; Jim McCarthy Quoted
Jim McCarthy Senior Security Engineer NIST

The National Institute of Standards and Technology (NIST) has published the final version of a document to guide the cybersecurity of positioning, navigation and timing (PNT) services. 

NIST said Thursday its document titled “Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of PNT Services” builds on input from the public on PNT data use.

PNT technologies support many applications that provide navigation and tracking, such as GPS. NIST created the “profile” document in support of Executive Order 13905, which aims to bolster the security of PNT services.

“Many efforts to secure PNT services were underway before we began developing this profile, but there wasn’t a formal reference for risk mitigation that everyone could use,” said Jim McCarthy, a senior security engineer at NIST and a 2016 Wash100 Award recipient

The agency also developed a “quick guide” document that summarizes the profile in a more understandable form. He also said NIST will review the main profile document biennially or as needed, in line with the executive order.

“Those less familiar with their own use of PNT services will benefit from the guide, as the process of implementing the profile may seem complicated for the novice user," McCarthy added.

You may also be interested in...


DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.