DHS S&T Undertakes R&D to Support New Cybersecurity Strategy
Friday, June 01, 2018 | Comments

Last month at a cybersecurity conference, Homeland Security Secretary Kirstjen M. Nielsen previewed the May unveiling of the Department of Homeland Security’s (DHS) new cybersecurity strategy and issued a stern warning to cybercriminals. The new DHS Cybersecurity Strategy was released May 15.

To accomplish this new stance, the DHS Science and Technology Directorate (S&T) is working in tandem with DHS operational components by conducting research and development (R&D) in numerous areas that will help strengthen DHS’s ability to detect and defend against cyberattacks.

“I have a news flash for America’s adversaries: Complacency is being replaced by consequences,” Nielsen said at the RSA Conference last month in San Francisco. “We will not stand on the sidelines while our networks are compromised. We will not abide the theft of our data, our innovation and our resources. And we will not tolerate cyber meddling aimed at the heart of our democracy.”

She added that DHS is adopting a more forward-leaning posture that will bolster the nation’s digital defenses by prioritizing enhancements in risk identification, vulnerability reduction, threat reduction and consequence mitigation. The new plan also includes a new focus area: enabling cybersecurity outcomes.

“As the R&D arm of DHS, S&T is working on a wide range of research efforts that will greatly enhance the cybersecurity posture of critical infrastructure systems and the online environment,” said William N. Bryan, senior official performing the duties of the under secretary for science and technology. “These research efforts will lead to the development and implementation of new solutions that will make it possible for DHS to achieve the new cybersecurity strategy that Secretary Nielsen outlined in the new DHS Cybersecurity Strategy.”

S&T is conducting several R&D projects that support the newly-introduced strategy.

The Application of Network Measurement Science (ANMS) project is developing innovative technologies that will provide the capability to identify, classify, report, predict, provide attribution and potentially mitigate network/internet disruptive events. Additionally, the Next Generation Cyber Infrastructure Apex program is addressing the cyber challenges facing our nation’s critical infrastructure sectors, enabling these essential entities to operate effectively even in the face of sophisticated, targeted cyberattacks.

Among S&T’s many projects supporting vulnerability reduction is the Critical Infrastructure Design and Adaptive Resilient Systems project, which will develop the technical basis and analytical tools needed to support cross-sector cybersecurity risk assessments. It also identifies standards of practice to support the expanded use of risk methodologies for cyber and physical systems and resource planning. Separately, the Cybersecurity for the Oil and Gas Sector project undertakes collaborative R&D efforts to improve the level of cybersecurity in critical systems of interest to the oil and natural gas sector. These projects are driven by the Critical Infrastructure Security and Resilience Research and Development Implementation Plan, which outlines federal R&D priorities and activities to strengthen critical infrastructure security and resilience.

The threat reduction area is focused on reducing cyber threats by countering transnational criminal organizations and sophisticated cyber criminals.

Among S&T’s many projects supporting this area is the Anonymous Networks and Currencies and Cyber Forensics projects, which are developing cost-effective and novel solutions to aid law enforcement agencies in their investigations of criminal activity in these areas.

S&T also offers Autopsy, an open-source, digital forensics platform and iVe, a vehicle navigation infotainment system forensics tool used by law enforcement agencies worldwide. Autopsy determines how a digital device was used in a crime and recovers evidence, and is enhanced with the addition of several new capabilities requested by law enforcement. The iVe technology is a digital forensics toolkit that obtains digital evidence from vehicle navigation and infotainment systems. This technology is currently supported in more than 10,000 vehicle models.

S&T’s Network System Security program is comprised of the previously mentioned ANMS, Distributed Denial of Service Defense and Federated Security projects, all of which are working on solutions to secure IT networks and emergency response networks from cyberattacks.

In the new plan, consequence mitigation is described as minimizing consequences from potentially significant cyber incidents.

To make it harder for cybercriminals to hack networks and systems, S&T’s Cyber Physical System Security project is helping ensure security considerations are added into the design of cyber physical systems, such as the internet of things (IoT), while they are being built. Also, S&T is working closely with the National Institute of Standards and Technology (NIST) on its Global Cities Team Challenge (GCTC) to raise awareness for cybersecurity and privacy needs in emerging “smart cities” systems. The Smart and Secure Cities and Communities Challenge encourages GCTC participants to adopt designed-in cybersecurity for smart city systems that are more secure, reliable, resilient and protective of privacy.

The cybersecurity outcomes pillar looks at prioritizing DHS cybersecurity R&D and tech transition plus expanding international cooperation to ensure an open, interoperable, secure and reliable internet.

S&T’s Transition to Practice Program is leading the effort to transition government-funded cybersecurity technologies to the marketplace. Earlier this month, the program announced its 20th transition, which equals half the technologies enrolled in the transition-to-market program.

On the international front, S&T enjoys a range of international partnerships on many issues, including cybersecurity. Next month, S&T will award its first international awards to U.S.-Dutch research teams that will be working on Distributed Denial of Service Defense and Industrial Control Systems/Supervisory Control and Data Acquisition projects. S&T also has cybersecurity-focused partnerships with more than 20 countries and international organizations that include Great Britain, Israel, Australia, New Zealand, Canada and the European Union.

Supporting each of the aforementioned projects, and in fact all S&T cybersecurity R&D projects, is the Cybersecurity Research Infrastructure program, which is comprised of the Information Marketplace for Policy and Analysis of Cyber-risk & Trust and Experimental Research Testbed. The former supports the global cyber-risk research community by coordinating and developing real-world data and information-sharing capabilities including tools, models and methodologies, while the latter enables cybersecurity researchers to run their advanced defense solutions safely against live threats on a “virtual internet” without endangering other research or the larger internet.

Find the DHS new cybersecurity strategy here.

Would you like to comment on this story? Find our comments system below.



 
 
Post a comment
Name: *
Email: *
Title: *
Comment: *
 

Comments

No Comments Submitted Yet

Be the first by using the form above to submit a comment!

Site Navigation

Close