Mapping DHS’s new cybersecurity strategy, highlighting S&T’s R&D support

1. Risk identification
“We must be more aware of vulnerabilities built into the fabric of the internet and other widespread weaknesses … We must also prioritize securing essential functions across sectors, including those executed through multiple assets and systems,” Secretary Nielsen said in her RSA Conference remarks.

S&T’s Application of Network Measurement Science (ANMS) project is developing innovative technologies that will provide the capability to identify, classify, report, predict, provide attribution and potentially mitigate network/internet disruptive events. Additionally, the Next Generation Cyber Infrastructure Apex program is addressing the cyber challenges facing our nation’s critical infrastructure sectors, enabling these essential entities to operate effectively even in the face of sophisticated, targeted cyberattacks.

2. Vulnerability reduction
“Looking out five years, DHS aims to have far greater awareness of dangerous threats before they hit our networks … to dismantle major illicit cyber networks in minutes, not months … and to be faster, smarter and more effective in responding to incidents,” Secretary Nielsen said.

Among S&T’s many projects supporting this area is the Critical Infrastructure Design and Adaptive Resilient Systems project, which develops the technical basis and analytical tools needed to support cross-sector cybersecurity risk assessments. It also identifies standards of practice to support the expanded use of risk methodologies for cyber and physical systems and resource planning.

Separately, the Cybersecurity for the Oil and Gas Sector project undertakes collaborative R&D efforts to improve the level of cybersecurity in critical systems of interest to the oil and natural gas sector. These projects are driven by the Critical Infrastructure Security and Resilience Research and Development Implementation Plan, which outlines federal R&D priorities and activities to strengthen critical infrastructure security and resilience.

3. Threat reduction
This area is focused on reducing cyber-threats by countering transnational criminal organizations and sophisticated cyber-criminals.

Among S&T’s many projects supporting this area are the Anonymous Networks and Currencies and Cyber Forensics projects, which are developing cost-effective and novel solutions to aid law enforcement agencies in their investigations of criminal activity in these areas. S&T also offers Autopsy, an open-source digital forensics platform, and iVe, a vehicle navigation infotainment system forensics tool used by law enforcement agencies worldwide. Autopsy determines how a digital device was used in a crime and recovers evidence, and is enhanced with the addition of several new capabilities requested by law enforcement. The iVe technology is a digital forensics toolkit that obtains digital evidence from vehicle navigation and infotainment systems. This technology is currently supported in more than 10,000 vehicle models.

S&T also notes that its Network System Security program is comprised of the previously mentioned ANMS, Distributed Denial of Service Defense and Federated Security projects, all of which are working on solutions to secure IT networks and emergency response networks from cyberattacks.

4. Consequence mitigation
In the new plan, this focus is described as minimizing consequences from potentially significant cyber incidents.

To make it harder for cybercriminals to hack networks and systems, S&T’s Cyber Physical System Security project is helping ensure security considerations are added into the design of cyber physical systems, such as the Internet of Things, while they are being built. Also, S&T is working closely with the National Institute of Standards and Technology on its Global Cities Team Challenge (GCTC) to raise awareness for cybersecurity and privacy needs in emerging “smart cities” systems. The Smart and Secure Cities and Communities Challenge is encouraging GCTC participants to adopt designed-in cybersecurity for “smart city” systems that are more secure, reliable, resilient and protective of privacy.

5. Enable cybersecurity outcomes
This pillar talks about prioritizing DHS cybersecurity R&D and tech transition plus expanding international cooperation to ensure an open, interoperable, secure and reliable internet.

S&T’s Transition to Practice Program is leading the effort to transition government-funded cybersecurity technologies to the marketplace. Earlier this month, the program announced its 20th transition, which equals half the technologies enrolled in the transition-to-market program.

On the international front, S&T enjoys a range of international partnerships on many issues, including cybersecurity. Next month, S&T will award its first international awards to U.S.-Dutch research teams that will be working on Distributed Denial of Service Defense and Industrial Control Systems/Supervisory Control and Data Acquisition projects. S&T also has cybersecurity-focused partnerships with more than twenty countries and international organizations, including Great Britain, Israel, Australia, New Zealand, Canada and the European Union.

Supporting all cyber research and development efforts
S&T says that supporting each of the aforementioned projects, and in fact all S&T cybersecurity R&D projects, is the Cybersecurity Research Infrastructure program, which is comprised of the Information Marketplace for Policy and Analysis of Cyber-risk & Trust and the Experimental Research Testbed. The former supports the global cyber-risk research community by coordinating and developing real-world data and information-sharing capabilities including tools, models and methodologies, while the latter enables cybersecurity researchers to run their advanced defense solutions safely against live threats on a “virtual internet” without endangering other research or the larger internet.

“These research areas represent only a handful of S&T’s cybersecurity R&D projects,” DHS says. Read the 2018 Cybersecurity Portfolio Guide and view the cybersecurity projects page to see the breadth of S&T’s research reach. Additionally, at RSA, S&T demonstrated 13 mature, transition-ready cybersecurity solutions from across its broad R&D portfolio.

Nielsen’s complete RSA remarks are available on the DHS website.