Homeland Security Advanced Research Projects Agency
An Update on the Cyber Security
R&D Landscape
December 4, 2013
SINET Showcase
Douglas Maughan
Division Director
http://www.dhs.gov/cyber-research
Past SINET Participation
2007 ITSEF - Opening Doors to the Federal Government
2008 ITSEF Panel - Federal Government Strategic Investment Funds
2009 ITSEF Panel - Critical Infrastructure
2010 ITSEF Panel - Moving Forward with a Roadmap for the IT, Banking & Finance and Energy Sectors
2010 Showcase Workshop and 2011 ITSEF Workshop - Obtaining Federal Research Funding
2011 ITSEF Panel - Partnering Practitioners & Theory - Creating Centers of Excellence
2012 ITSEF Panel - What are the Key Attributes that Lead to Successful Technology Transfer?
2012 Showcase Panel - DHS and DoD Efforts at Improving Cyber Innovation Intake into the Federal Government
Presenter’s Name
June 17, 2003
2
Presentation Outline
Threat Space
National / Federal Activities
DHS Activities
Cyber Security Division (CSD) Overview
What’s Ahead
Funding Opportunities
Summary
Q&A
Environment: Greater Use of Technology,
More Threats, Less Resources
Anywhere in the
world in 24 hours
Globalization &
Transportation
Tenuous
balance
Border Security
& Immigration
Violent
Extremism
Cyber Domain
Insider
Threat
Low cost
of entry
Nature of
Innovation
Both sides get
to innovate
Misuse of
Technology
Historical
Perspective
Strategic
potential
Predictive &
Reactive
Natural Disasters
& Pushing
Beyond Design
Limits
MORE THREATS
Aviation as an
example …
LESS RESOURCES
Cyber Threat Sources Ready
to Exploit Weaknesses
Nation States
Cyber Criminals
Terrorists, DTOs, etc.
Insider Threats
Hackers/Hacktivists
Cyber Threats
Malware – Malicious software to disrupt computers
Viruses, worms, …
Theft of Intellectual Property or Data
Hacktivism – Cyber protests that are socially or politically motivated
Mobile Devices and Applications and their associated Cyber Attacks
Social Engineering – Entice users to click on Malicious Links
Spear Phishing – Deceptive communications (E-Mails, Texts, Tweets…)
Domain Name System (DNS) Hijacking
Router Security – Border Gateway Protocol (BGP) Hijacking
Denial of Service (DOS) – blocking access to web sites
Others …..
Recent Events
Comprehensive National Cybersecurity Initiative (CNCI)
Establish a front line of defense
• Reduce the Number of Trusted Internet Connections
• Deploy Passive Sensors Across Federal Systems
• Pursue Deployment of Automated Defense Systems
• Coordinate and Redirect R&D Efforts
Resolve to secure cyberspace / set conditions for long-term success
• Connect Current Centers to Enhance Situational Awareness
• Develop Gov’t-wide Counterintelligence Plan for Cyber
• Increase Security of the Classified Networks
• Expand Education
Shape future environment / secure U.S. advantage / address new threats
• Define and Develop Enduring Leap Ahead Technologies, Strategies & Programs
• Define and Develop Enduring Deterrence Strategies & Programs
• Manage Global Supply Chain Risk
• Cyber Security in Critical Infrastructure Domains
http://cybersecurity.whitehouse.gov
NITRD Participating Agencies
Networking Information
Technology R&D
Federal Cybersecurity R&D Strategic Plan
Science of Cyber Security
Research Themes
Tailored Trustworthy Spaces
Moving Target Defense
Cyber Economics and Incentives
Designed-In Security (New for FY13)
Transition to Practice
Technology Discovery
Test & Evaluation / Experimental
Deployment
Transition / Adoption / Commercialization
Released Dec 6, 2011
http://www.whitehouse.gov/blog/2011/12/06/
federal-cybersecurity-rd-strategic-plan-released
Support for National Priorities
Health IT, Smart Grid, NSTIC (Trusted
Identity), NICE (Education), Financial
Services
DHS S&T Mission Guidance
Strategic Guidance
• Homeland Security Act 2002
• QHSR (Feb 2010)
• BUR (July 2010)
• S&T Strategic Plan (2011)
QHSR Threats
• Smaller Scale Terrorism
• Trafficking, Crime
• Pandemics, Accidents, Natural Hazards
• Violent Extremism
• High Consequence WMD
Core Missions
1. Preventing terrorism & enhancing security
2. Securing and managing our borders
3. Enforcing & administering immigration laws
4. Safeguarding and securing cyberspace
5. Ensuring resilience to disasters
Operational Directives
• HSPD-5 National Incident Management System (2003)
• HSPD-9 Defense of U.S. Agriculture & Food (2004)
• HSPD-10 Biodefense for the 21st Century (2004)
• HSPD-22 Domestic Chemical Defense (2007)
• PPD-8 National Preparedness (2011)
Prevention, Protection, Mitigation, Response, Recovery
Cybersecurity for the 16 Critical
Infrastructure Sectors
DHS provides advice and alerts to the 16 critical infrastructure areas …
… DHS collaborates with sectors through Sector Coordinating Councils (SCC)
Business / Personal
Shopping & Banking Point of Sale (in store or on line)
Personnel
Social Media
…
EO-13636 and PPD-21
In February 2013, the President issued two new policies:
1) Executive Order 13636: Improving Critical
Infrastructure Cybersecurity
2) Presidential Policy Directive – 21: Critical
Infrastructure Security and Resilience
America's national security and economic prosperity are dependent upon the operation of critical infrastructure that is increasingly at risk from the effects of cyber attacks
The vast majority of U.S. critical infrastructure is owned and operated by private companies
A strong partnership between government and industry is indispensable to reducing the risk to these vital systems
Integrating Cyber-Physical Security
Executive Order 13636: Improving Critical Infrastructure Cybersecurity directs the Executive Branch to:
• Develop a technology-neutral voluntary cybersecurity framework
• Promote and incentivize the adoption of cybersecurity practices
• Increase the volume, timeliness and quality of cyber threat information sharing
• Incorporate strong privacy and civil liberties protections into every initiative to secure our critical infrastructure
• Explore the use of existing regulation to promote cyber security
Presidential Policy Directive-21: Critical Infrastructure Security and Resilience replaces Homeland Security Presidential Directive-7 and directs the Executive Branch to:
• Develop a situational awareness capability that addresses both physical and cyber aspects of how infrastructure is functioning in near-real time
• Understand the cascading consequences of infrastructure failures
• Evaluate and mature the public-private partnership
• Update the National Infrastructure Protection Plan
• Develop comprehensive research and development plan (CSD / RSD)
EO-PPD Deliverables
120 days – June 12, 2013
• Publish instructions: unclassified threat information
• Report on cybersecurity incentives
• Publish procedures: expand the Enhanced Cybersecurity Services
150 Days - July 12, 2013
• Identify cybersecurity critical infrastructure
• Evaluate public-private partnership models
• Expedite security clearances for private sector
240 Days – October 10, 2013
• Develop a situational awareness capability
• Update the National Infrastructure Protection Plan
• Publish draft voluntary Cybersecurity Framework
365 days – February 12, 2014
• Report on privacy and civil rights and civil liberties cybersecurity enhancement risks
• Stand up voluntary program based on finalized Cybersecurity Framework
Beyond 365 - TBD
• Critical Infrastructure Security and Resilience R&D Plan
Cybersecurity Framework (NIST lead)
Developed in collaboration with industry, provides guidance to an organization on managing cybersecurity risk
Supports the improvement of cybersecurity for the Nation’s Critical Infrastructure using industry-known standards and best practices
Provides a common language and mechanism for organizations to
1. describe current cybersecurity posture;
2. describe their target state for cybersecurity;
3. identify and prioritize opportunities for improvement within the context of risk management;
4. assess progress toward the target state;
5. foster communications among internal and external stakeholders.
Composed of three parts: the Framework Core, the Framework Implementation Tiers, and Framework Profiles
Cybersecurity Framework
Function – Category
IDENTIFY – Asset Management; Business Environment; Governance; Risk Assessment; Risk Management
PROTECT – Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; Protective Technology
DETECT – Anomalies and Events; Security Continuous Monitoring; Detection Processes
RESPOND – Communication; Analysis; Mitigation; Improvements
RECOVER – Recovery Planning; Improvements; Communication
Recommended Incentives
Areas:
1. Cybersecurity Insurance
2. Grants
3. Process Preference
4. Liability Limitation
5. Streamline Regulations
6. Public Recognition
7. Rate Recovery for Price Regulated Industries
8. Cybersecurity Research
“While these reports do not yet represent a final Administration policy, they do offer
an initial examination of how the critical infrastructure community could be
incentivized to adopt the Cybersecurity Framework as envisioned in the Executive
Order. We will be making more information on these efforts available as the
Framework and Program are completed.”
Michael Daniel,
Special Assistant to the President and Cybersecurity Coordinator
White House Blog, August 6, 2013
R&D guidance from PPD-21
Within 2 years, DHS in coordination with OSTP, SSA’s, DOC and other Federal
D&A, shall provide to the President a National Critical Infrastructure Security and
Resilience R&D Plan that takes into account the evolving threat landscape, annual
metrics, and other relevant information to identify priorities and guide R&D
requirements and investments…plan issued every 4 years …updates as needed.
Innovation and Research & Development: DHS in coordination with OSTP, SSA’s,
Commerce and other Federal D&A, shall provide input to align those Federal and
Federally-funded R&D activities that seek to strengthen the security and resiliency
of the Nation’s critical infrastructure, including:
Promoting R&D to enable the secure and resilient design and construction of critical
infrastructure and more secure accompanying cyber technology;
Enhancing modeling capabilities to determine potential impacts … and cascading effects;
Facilitating initiatives to incentivize cyber security investments and the adoption of critical
infrastructure design features that strengthen all-hazards security and resilience;
Prioritizing efforts to support the strategic guidance issued by the Secretary.
Working Group headed up by DHS S&T
How to Engage
National Infrastructure Protection Plan process
Review and comment on Draft Documents
www.dhs.gov/eo-ppd
Provide input through dialogue on IdeaScale -- http://eoppd.ideascale.com
Encourage partners to review and provide input
PPD/EO Integrated Task Force Weekly Stakeholder Bulletin
Current status of activities
List of upcoming Open Forums, Webinars and other Engagement Opportunities
Contact [email protected] for more information
Also R&[email protected] for R&D plan information, participation
DHS S&T Mission
Strengthen America’s security and resiliency by providing
knowledge products and innovative technology solutions for
the Homeland Security Enterprise
1) Create new technological capabilities and knowledge products
2) Provide Acquisition Support and Operational Analysis
3) Provide process enhancements and gain efficiencies
4) Evolve US understanding of current and future homeland security risks and
opportunities
FOCUS AREAS
• Bio
• Explosives
• Cybersecurity
• First Responders
• Resilient Systems
• Borders / Maritime
Cyber Security Focus Areas
Trustworthy Cyber Infrastructure
Working with the global Internet community to secure cyberspace
Research Infrastructure to Support Cybersecurity
Developing necessary research infrastructure to support R&D community
R&D Partnerships
Establishing R&D partnerships with private sector, academia, and
international partners
Innovation and Transition
Ensuring R&D results become real solutions
Cybersecurity Education
Leading National and DHS cybersecurity education initiatives
Trustworthy Cyber Infrastructure
Secure Protocols
DNSSEC – Domain Name System Security
Govt and private sector worked together to make this happen
Started in 2004; now 111 top level (gTLD) and country code (ccTLD) domains
adopted globally including the Root
SPRI – Secure Protocols for Routing Infrastructure
Internet Measurement and Attack Modeling
Geographic mapping of Internet resources
Logically and/or physically connected maps of Internet resources
Monitoring and archiving of BGP route information
Co-funding with Australia
http://www.isi.edu/ant/address/browse/
Research Infrastructure
Experimental Research Testbed (DETER)
Researcher and vendor-neutral experimental infrastructure
Used by over 200 organizations from more than 20 states and 17 countries
Used by over 40 classes, from 30 institutions involving 2,000+ students
http://www.deter-project.org
Research Data Repository (PREDICT)
Repository of network data for use by the U.S.-based cyber security research community
More than 200 users (academia, industry, gov’t); Over 600TB of network data;
Tools are used by major service providers and many companies
Phase 2: New datasets, ICTR Ethics, International (CA, AUS, JP, EU)
https://www.predict.org
Software Assurance Market Place (SWAMP)
A software assurance testing and evaluation facility and the associated
research infrastructure services
R&D Partnerships
Oil and Gas Sector
LOGIIC – Linking Oil & Gas Industry to Improve Cybersecurity
Electric Power Sector
TCIPG – Trustworthy Computing Infrastructure for the Power Grid
Banking and Finance Sector
FI-VICS – Financial Institutions – Verification of Identity Credential Service
DECIDE – Distributed Environment for Critical Incident Decision-making
Exercises (recent Quantum Dawn II exercise)
State and Local
PRISEM - Public Regional Information Security Event Management
PIV-I/FRAC TTWG – State and Local and Private Sector First Responder
Authentication Credentials and Technology Transition
Law Enforcement
SWGDE – Special Working Group on Digital Evidence (FBI lead)
CFWG – Cyber Forensics Working Group (CBP, ICE, USSS, FBI, S/L)
S&T International Engagements
International Bilateral Agreements
Government-to-government cooperative activities for 13 bilateral Agreements
• Canada (2004)
• Australia (2004)
• United Kingdom (2005)
• Singapore (2007)
• Sweden (2007)
• Mexico (2008)
• Israel (2008)
• France (2008)
• Germany (2009)
• New Zealand (2010)
• European Commission (2010)
• Spain (2011)
• Netherlands (2013)
Over $6M of International co-funding
COUNTRY PROJECTS MONEY IN JOINT MONEY OUT
Australia
3
$300K
$400K
Canada
11
$1.8M
Germany
1
$300K
Israel
2
$100K
Netherlands
7
$450K
$1.2M
$150K
Sweden
4
$650K
United Kingdom
3
$1.2M
$400K
European Union
1
Japan
1
CSD R&D Execution Model
Research, Development, Test and Evaluation & Transition (RDTE&T)
Example: DARPA has provided $9M to CSD for development and transition of Military Networking Protocol (MNP) technology and has started discussions for testing and evaluation of Automated Malware Analysis technology
Successes
• Ironkey – Secure USB
– Standard Issue to S&T employees from S&T CIO
– Acquired by Imation
• Komoku – Rootkit Detection Technology
– Acquired by Microsoft
• HBGary – Memory and Malware Analysis
– Over 100 pilot deployments as part of Cyber Forensics
• Endeavor Systems – Malware Analysis tools
– Acquired by McAfee
• Stanford – Anti-Phishing Technologies
– Open source; most browsers have included Stanford R&D
• Secure Decisions – Data Visualization
– Pilot with DHS/NCSD/US-CERT; Acquisition
Transition To Practice (TTP) Program
R&D Sources
DOE National
Labs
FFRDC’s (Federally
Funded R&D Centers)
Academia
Small Business
Transition
processes
Testing &
evaluation
Red Teaming
Pilot
deployments
Implement Presidential Memorandum –
“Accelerating Technology Transfer and
Commercialization of Federal Research in Support
of High-Growth Businesses” (Oct 28, 2011)
Utilization
Open Sourcing
Licensing
New Companies
Adoption by
cyber
operations
analysts
Direct private-sector adoption
Government
use
A NATIONAL PROBLEM
The Nation needs greater cybersecurity awareness and more
cybersecurity experts.
There is a lack of communication between government, private
industry, and academia.
Many cybersecurity training programs exist but there is little
consistency among programs, and potential employees lack
information about the skills needed for jobs.
Cybersecurity Career development and scholarships are available but
uncoordinated, and the resources that do exist are difficult to find.
NICE was established in support
of the Comprehensive National
Cybersecurity Initiative (CNCI) –
Initiative 8: Expand Cyber
Education – Interim Way Forward
and is comprised of over 20
federal departments and agencies.
Cybersecurity Education
Cyber Security Competitions (http://nationalccdc.org)
National Initiative for Cybersecurity Education (NICE)
NCCDC (Collegiate); U.S. Cyber Challenge (High School)
Provide a controlled, competitive environment
to assess a student’s depth of understanding and
operational competency in managing the challenges
inherent in protecting a corporate network
infrastructure and business information systems.
DHS Cyber Skills Task Force (CSTF)
Established June 6, 2012 - Homeland Security Advisory Council
Over 50 interviews (DHS internal and external)
Identify best ways DHS can foster the development of a national security
workforce capable of meeting current and future cybersecurity challenges;
Outline how DHS can improve its capability to recruit and retain sophisticated
cybersecurity talent.
11 recommendations in 5 key areas
DHS Cyber Skills Task Force (CSTF) - Objectives
Objective I: Ensure that the people given responsibility for mission-critical
cybersecurity roles and tasks at DHS have demonstrated that they have high
proficiency in those areas.
Objective II: Help DHS employees develop and maintain advanced technical
cybersecurity skills and render their working environment so supportive that
qualified candidates will prefer to work at DHS.
Objective III: Radically expand the pipeline of highly qualified candidates for
technical mission-critical jobs through partnerships with community colleges,
universities, organizers of cyber competitions, and other federal agencies.
Objective IV: Focus the large majority of DHS’s near term efforts in
cybersecurity hiring, training, and human capital development on ensuring that
the Department builds a team of approximately 600 federal employees with
mission-critical cybersecurity skills.
Objective V: Establish a “CyberReserve” program to ensure a cadre of
technically proficient cybersecurity professionals are ready to be called upon if
and when the nation needs them.
ICE Homeland Security Investigations
(HSI) Cyber Student Initiative (7/10/13)
36 HSI offices volunteered to participate
291 Applicants of which 203 were Qualified Applicants
27 Candidates Selected (of which 2 declined) – Atlanta,
Baltimore, Boston, Buffalo, Charleston, Charlotte,
Chicago, Denver, El Paso, Long Beach, Los Angeles,
New York, Orlando, Pensacola, Philadelphia, Phoenix,
San Antonio, San Francisco, Savannah, Seattle, DC.
Twenty three (23) candidates employed between July-September 2013
Intern Program – Round 1
Number of Interns
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
EOD Date
7/22/13
7/15/13
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
1 intern
7/22/13
7/09/13
7/09/13
7/09/13
7/08/13
7/09/13
7/08/13
College
Chattahoochee Technical College
Anne Arundel Community College
Anne Arundel Community College
Bunker Hill Community College
Westchester Community College
Trident Technical College
Location
Central Piedmont Community College
Atlanta, GA
Baltimore, MD
Baltimore, MD
Boston, MA
Buffalo, NY
Charleston, NC
Charlotte, NC
Moraine Valley Community College
Garden City Community College
Community College of Denver
El Paso Community College
Prince George’s Community College
DeVry University
New York Institute Technology
SUNY Orange Middletown NY
Valencia College
Valencia College
Pensacola State College
Anne Arundel Community College
Mesa Community College
Alamo Colleges
Diablo Valley College
Cochise College
Edmonds Community College
Chattahoochee Technical College
Chicago, IL
Denver, CO
Denver, CO
El Paso, TX
Fairfax, VA (C3)
Los Angeles, CA
New York, NY
New York, NY
Orlando, FL
Orlando, FL
Pensacola, FL
Philadelphia, PA
Phoenix, AZ
San Antonio, TX
San Francisco, CA
San Francisco, CA
Savannah, GA
Seattle, WA
White House Priorities – FY14+
Secure Federal Networks
Identity/Credential Access Mgmt (ICAM), Cloud Exchange, Fed-RAMP
Protect Critical Infrastructure
Public-Private Cyber Coordination, EO/PPD Initiatives
Improve Incident Response and Reporting
Information Sharing among Federal Centers
Capacity Building for State/Local/Tribal/Territorial (SLTTs)
Engage Internationally
Foreign Assistance Capacity Building
Build Workforce Capacity to Support International Cyber Engagement
Shape the Future
National Strategy for Trusted Identity in Cyberspace (NSTIC)
National Initiative for Cybersecurity Education (NICE)
Cybersecurity R&D – EO/PPD R&D Plan, Federal R&D Plan, Transition
To Practice, Foundational Research
Future - Inter-Agency: CPS
Cyber Physical Systems (CPS)
“Smart networked systems with embedded sensors, processors
and actuators that are designed to sense and interact with the
physical world (including the human users), and support real-time,
guaranteed performance in safety-critical applications”
Several workshops over the past year or two
Transportation
Automotive, UAVs, Aeronautical, Rail
Manufacturing
Healthcare
Energy
Agriculture
Defense
Emergency Response
Others …..
All with an eye towards society, economics, and impact
CSD New Program Ideas
Security for Cloud-Based Systems
Data Privacy Technologies
Mobile Wireless Investigations
Mobile Device Security
Next-Generation DDOS Defenses
Application Security Threat Attack Modeling (ASTAM)
Static Tool Analysis Modernization Project (STAMP)
Network Reputation and Risk Analysis
Data Analytics Methods for Cyber Security
Cyber Security Education
Designed-In Security
Finance Sector Cybersecurity
DNSSEC Applications
Data Provenance for Cybersecurity
Cyber Economic Incentives – based on EO/PPD
Programs for U. S. Small Business
Small Business Innovation Research (SBIR)
• 2.5% set-aside program for small business concerns to engage in federal R&D -- with potential for commercialization
Small Business Technology Transfer (STTR)
• .3% set-aside program to facilitate cooperative R&D between small business concerns and research institutions -- with potential for commercialization
SBIR - A 3 Phase Program
•PHASE I
• Feasibility Study
• $100K (in general) and 6 month effort (amounts are changing)
•PHASE II
• Full Research/R&D
• $750K and 24 month effort (amounts are changing)
• Commercialization plan required
•PHASE III
• Commercialization Stage
• Use of non-SBIR Funds
Agency SBIR Differences
Number and timing of solicitations
R&D Topic Areas – Broad vs. Focused
Dollar Amount of Award (Phase I and II)
Proposal preparation instructions
Financial details (e.g., Indirect Cost Rates)
Proposal review process
Proposal success rates
Types of award
Commercialization assistance
And more…………
Small Business Innovative Research (SBIR)
FY04
Network-based Boundary Controllers
(3)
Botnet Detection and Mitigation (4)
FY07
Mobile Device Forensics (1)
FY12
Large-Scale Network Survivability,
Rapid Recovery, and Reconstitution (1)
FY11
Software Testing and Vulnerability
Analysis (3)
FY10
FY06
Hardware-assisted System Security
Monitoring (4)
FY09
FY05
Cross-Domain Attack Correlation
Technologies (2)
Real-Time Malicious Code
Identification (2)
Advanced SCADA and Related
Distributed Control Systems (5)
Moving Target Defense (2)
Solid State Drive (SSD) Analysis (1)
FY13
Hybrid Analysis Mapping
Software Based Roots of Trust for
Enhanced Mobile Device Security
Secure and Reliable Wireless
Communication for Control Systems (2)
Small Business Innovative Research (SBIR)
Important program for creating new innovation and
accelerating transition into the marketplace
Since 2004, DHS S&T Cyber Security has had:
74 Phase I efforts
28 Phase II efforts
4 Phase II efforts currently in progress
10 commercial/open source products available
Four acquisitions
Komoku, Inc. (MD) acquired by Microsoft in March 2008
Endeavor Systems (VA) acquired by McAfee in January 2009
Solidcore (CA) acquired by McAfee in June 2009
HBGary (CA) acquired by ManTech in February 2012
Cyber Security R&D Broad Agency
Announcement (BAA)
Delivers both near-term and medium-term solutions
To develop new and enhanced technologies for the detection of,
prevention of, and response to cyber attacks on the nation’s critical
information infrastructure, based on customer requirements
To perform research and development (R&D) aimed at improving the
security of existing deployed technologies and to ensure the
security of new emerging cybersecurity systems;
To facilitate the transfer of these technologies into operational
environments.
Proposals Received According to 3 Levels of Technology Maturity
Type I (New Technologies)
Applied Research Phase
Development Phase
Demo in Op Environ.
Funding ≤ $3M & 36 mos.
Type II (Prototype Technologies)
More Mature Prototypes
Development Phase
Demo in Op Environ.
Funding ≤ $2M & 24 mos.
Type III (Mature Technologies)
Mature Technology
Demo Only in Op Environ.
Funding ≤ $750K & 12 mos.
Note: Technology Demonstrations = Test,
Evaluation, and Pilot deployment in
DHS “customer” environments
DHS S&T Long Range Broad Agency
Announcement (LRBAA) 12-07
S&T seeks R&D projects for revolutionary, evolving, and maturing
technologies that demonstrate the potential for significant
improvement in homeland security missions and operations
Offerors can submit a pre-submission inquiry prior to White Paper
submission that is reviewed by an S&T Program Manager
CSD has 18 Topic Areas (CSD.01 – CSD.18) – SEE NEXT SLIDE
LRBAA 12-07 has been extended and closes on 12/31/13
S&T BAA Website: https://baa2.st.dhs.gov
Additional information can be found on the Federal Business
Opportunities website (www.fbo.gov) (Solicitation #:DHSSTLRBAA12-07)
LRBAA Summary Listing
CSD.01 – Comprehensive National
Cybersecurity Initiative and Federal R&D
Strategic Plan topics
CSD.02 – Internet Infrastructure Security
CSD.03 – National Research
Infrastructure
CSD.04 –Homeland Open Security
Technology
CSD.05 – Forensics support to law
enforcement
CSD.06 – Identity Management
CSD.07 – Data Privacy and Information
Flow technologies.
CSD.08 – Software Assurance
CSD.09 – Cyber security competitions,
education and curriculum development.
CSD.10 – Process Control Systems and
Critical Infrastructure Security
CSD.11 – Internet Measurement and
Attack Modeling
CSD.12 – Securing the mobile
workforce
CSD.13 - Security in cloud based
systems
CSD.14 – Experiments – Test and
evaluation in experimental operational
environments to facilitate transition.
CSD.15 – Research Data Repository
CSD.16 – Cybersecurity Economic
Incentives
CSD.17 – Data Analytics – analysis
techniques, visualization,
CSD.18 – Tailored Trustworthy Spaces
– trust negotiation, app anonymity
Summary
Cybersecurity research is a key area of innovation to
support our global economic and national security futures
DHS S&T continues with an aggressive cyber security
research agenda
Working to solve the cyber security problems of our current (and
future) infrastructure and systems
Working with academe and industry to improve research tools and
datasets
Looking at future R&D agendas with the most impact for the nation
Need to continue strong emphasis on technology transfer
and experimental deployments
Must focus on the education, training, and awareness
aspects of our current and future cybersecurity workforce
Recent CSD Publications
Douglas Maughan, Ph.D.
Division Director
Cyber Security Division
Homeland Security Advanced
Research Projects Agency (HSARPA)
[email protected]
202-254-6145 / 202-360-3170
For more information, visit
http://www.dhs.gov/cyber-research
http://www.dhs.gov/st-csd