DHS S&T Cyber Security Division (CSD) Overview
|
|
- Julianna Harrell
- 8 years ago
- Views:
Transcription
1 Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security Division (CSD) Overview TCIPG Industry Workshop UIUC November 8, 2011 Greg Wigton Program Manager Cyber Security Division Homeland Security Advanced Research Projects Agency (HSARPA)
2 2 Comprehensive National Cybersecurity Initiative (CNCI) Establish a front line of defense Reduce the Number of Trusted Internet Connections Deploy Passive Sensors Across Federal Systems Pursue Deployment of Automated Defense Systems Coordinate and Redirect R&D Efforts Resolve to secure cyberspace / set conditions for long-term success Connect Current Centers to Enhance Situational Awareness Develop Gov t-wide Counterintelligence Plan for Cyber Increase Security of the Classified Networks Expand Education Shape future environment / secure U.S. advantage / address new threats Define and Develop Enduring Leap Ahead Technologies, Strategies & Programs Define and Develop Enduring Deterrence Strategies & Programs Manage Global Supply Chain Risk Cyber Security in Critical Infrastructure Domains 2
3 Federal Cybersecurity Research and Development Program: Strategic Plan 3
4 Federal Cybersecurity R&D Strategic Plan Research Themes Tailored Trustworthy Spaces Moving Target Defense Cyber Economics and Incentives Designed-In Security (New for FY12) Science of Cyber Security Transition to Practice Technology Discovery Test & Evaluation / Experimental Deployment Transition / Adoption / Commercialization Support for National Priorities Health IT, Smart Grid, NSTIC (Trusted Identity), NICE (Education), Financial Services 28 October
5 Quadrennial Homeland Security Review The Core Missions 1. Preventing terrorism and enhancing security; 2. Securing and managing our borders; 3. Enforcing and administering our immigration laws; 4. Safeguarding and securing cyberspace; and 5. Ensuring resilience to disasters. Mission 6: Maturing and Strengthening the Homeland Security Enterprise Foster Innovative Solutions Through Science and Technology Ensure scientifically informed analyses and decisions are coupled to effective technological solutions Conduct scientific assessments of threats and vulnerabilities Foster collaborative efforts involving government, academia, and the private sector to create innovative approaches to key homeland security challenges 28 October
6 DHS S&T Mission Strengthen America s security and resiliency by providing knowledge products and innovative technology solutions for the Homeland Security Enterprise 28 October
7 28 October
8 Cyber Security Division (CSD) R&D Execution Model 28 October
9 Cyber Security Program Areas Research Infrastructure to Support Cybersecurity (RISC) Trustworthy Cyber Infrastructure (TCI) Cyber Technology Evaluation and Transition (CTET) Foundational Elements of Cyber Systems (FECS) Cybersecurity User Protection and Education (CUPE) 29 October
10 Research Infrastructure (RISC) Experimental Research Testbed (DETER) Researcher and vendor-neutral experimental infrastructure DETER - Research Data Repository (PREDICT) Repository of network data for use by the U.S.- based cyber security research community PREDICT Software Quality Assurance (SWAMP) A software assurance testing and evaluation facility and the associated research infrastructure services 28 October
11 Trustworthy Cyber Infrastructure (TCI) Secure Protocols DNSSEC Domain Name System Security SPRI Secure Protocols for Routing Infrastructure Process Control Systems LOGIIC Linking Oil & Gas Industry to Improve Cybersecurity TCIPG Trustworthy Computing Infrastructure for the Power Grid Internet Measurement and Attack Modeling Geographic mapping of Internet resources Logically and/or physically connected maps of Internet resources Monitoring and archiving of BGP route information 28 October
12 Evaluation and Transition (CTET) Assessment and Evaluations Red Teaming of DHS S&T-funded technologies Experiments and Pilots Experimental Deployment of DHS S&T-funded technologies into operational environments Transition to Practice (CNCI) New FY12 Initiative 28 October
13 Foundational Elements (FECS) Enterprise Level Security Metrics and Usability Homeland Open Security Technology (HOST) Software Quality Assurance Cyber Economic Incentives (CNCI) New FY12 Initiative Leap Ahead Technologies (CNCI) Moving Target Defense (CNCI) New FY12 Initiative Tailored Trustworthy Spaces (CNCI) New FY12 Initiative 28 October
14 Cybersecurity Users (CUPE) Cyber Security Competitions National Initiative for Cybersecurity Education (NICE) NCCDC (Collegiate); U.S. Cyber Challenge (High School) Cyber Security Forensics More later Identity Management National Strategy for Trusted Identities in Cyberspace (NSTIC) Data Privacy Technologies New Start in FY13 28 October
15 DHS S&T Cybersecurity Program Cyber Economic Incentives Moving Target Defense Tailored Trustworthy Spaces Leap Ahead Technologies Transition To Practice Software Quality Assurance Homeland Open Security Technology Experiments & Pilots Assessments & Evaluations PEOPLE SYSTEMS INFRASTRUCTURE Identity Management Enterprise Level Security Metrics & Usability Data Privacy Cyber Forensics Competitions Secure Protocols Process Control Systems Internet Measurement & Attack Modeling RESEARCH INFRASTRUCTURE Experimental Research Testbed (DETER) Research Data Repository (PREDICT) Software Quality Assurance (SWAMP) 28 October
16 Critical Infrastructure / Key Resources DECIDE (Distributed Environment for Critical Infrastructure Decisionmaking Exercises) Provide a dedicated exercise capability to foster an effective, practiced business continuity effort to deal with increasingly sophisticated cyber threats Enterprises initiate their own exercises, define their own scenarios, protect their proprietary data, and learn vital lessons to enhance business continuity The Financial Services Sector Coordinating Council R&D Committee has organized a user-group of subject matter experts paid by their respective financial institutions to support the project over the next two years. LOGIIC Linking the Oil & Gas Industry to Improve Cybersecurity A collaboration of oil and natural gas companies and DHS S&T to facilitate cooperative research, development, testing, and evaluation procedures to improve cyber security in Industrial Automation and Control Systems Consortium under the Automation Federation TCIPG Trustworthy Computing Infrastructure for the Power Grid Partnership with DOE funded at UIUC with several partner universities and industry participation Drive the design of an adaptive, resilient, and trustworthy cyber infrastructure for transmission & distribution of electric power, including new resilient smart power grid 16
17 DECIDE (Distributed Environment for Critical Infrastructure Decision-making Exercises) Enable enterprise decision-makers to think through responses to operational disruptions of market-based transactions across networks Sector(s), Market(s), Institution(s) Provide a dedicated exercise capability for several critical infrastructures in the U.S. Beginning with Banking and Finance Foster an effective, practiced business continuity effort to deal with increasingly sophisticated cyber threats Enterprises will be able to initiate their own large-scale exercises, define their own scenarios, protect their proprietary data, and learn vital lessons to enhance business continuity, all from their desktops Think through sector impacts of the National Planning Scenarios Enhance coordination during a large-scale disruption to key infrastructures The concept has been reviewed by and developed with input from experts at ChicagoFIRST, the Options Clearing Corporation, ABN-AMRO, Eurex, Archipelago, Bank of New York, and CitiBank. The Financial Services Sector Coordinating Council R&D Committee is organizing a user-group of subject matter experts paid by their respective financial institutions to support the project over the next two years. 17
18 DECIDE Goal: Create a Finance-sector requested, software-based simulation environment for sector-risk exercises Began as a gleam in the eye of a BNY Risk Manager in 2004 Seen as a logical follow-on the the 2003 Livewire Cyber Exercise Simulation Designed to stress the massive interdependencies of critical infrastructures and help them prepare for low probability / high consequence disruptions Prototyped in 2005 / 2006 with some Homeland Security funding Gained FSSCC Support in 2006 Meets a priority FSCCC R&D Need Transitioned to a $15 million full-scale R&D effort funded by the Department of Homeland Security in 2008 R&D team led by Norwich University Applied Research Institutes 18
19 Partnership Project LOGIIC is a model for government-industry technology integration and demonstration efforts to address critical R&D needs Industry contributes Requirements and operational expertise Project management Product vendor channels DHS S&T contributes National Security Perspective on threats Access to long term security research Independent researchers with technical expertise Testing facilities 19
20 Overview Opportunity: Reduce vulnerabilities of oil & gas process control environments by correlating and analyzing abnormal events to identify and prevent cyber security threats Approach: Identify new types of security sensors for process control networks Adapt a best-of-breed correlation engine to this environment Integrate in testbed and demonstrate Transfer technology to industry External Events Business Network Attack Indications and Warnings LOGIIC Correlation Engine Process Control Network 20
21 Consortium DHS S&T ISA Automation Federation (AF) DHS PCII Oil & Gas Sector Participating Companies Project #N Project #4 Project #3 Project #2 Project #1 Labs Vendors Researchers 21
22 SIS Project Security of Safety Instrumented Systems SIS Objective: bring a process plant to a safe state when an excursion outside pre-established operating parameters occurs SIS increasingly integrated with PCS is the integrity of production facilities jeopardized? LOGIIC SIS will result in Security improvements Characterization of residual risk Architectural recommendations Confidence in the architectural integrity of SIS Final summary report provides architectural recommendations for PCS/SIS integration Outreach to standards bodies and the sector is underway
23 Current TCIPG Effort $18.5 M over 5 years Trustworthy Cyber Infrastructure for the Power Grid Jointly funded with Department Of Energy 5 universities, 20 senior investigators University of Illinois at Urbana-Champaign Washington State University Cornell University Dartmouth University University of California at Davis Over 40 Graduate and Undergraduate Students External Advisory Board (8 members) Industry interaction board (75 members) 23
24 Industrial Control Systems Joint Working Group (ICSJWG) Administered by the Dept. of Homeland Security s Control Systems Security Program. Provides a vehicle for collaboration between government and private sector control systems stakeholders Government Coordinating Council Sector Coordinating Council Subject Matter Experts Meets twice a year in conference as a plenary session, sub groups meet as needed. Includes 5 subgroups plus 1 Pending ICS Roadmap Development International Research and Development Standards and Metrics (pending) Vendor / Public Coordination Workforce Development 24
25 ICSJWG Research & Development Subgroup The Research and Development Subgroup will identify existing and planned research and development needs and priorities as they relate to industrial control systems Objectives Identify existing and planned R&D needs and priorities as they relate to ICS Identify desired areas of ICS research not currently under way Evaluate if a more secure process or mechanism is needed for sharing sensitive R&D information DHS S&T co-chairs the R&D subgroup For more information, visit: 25
26 HSARPA Cyber Security R&D Broad Agency Announcement (BAA) Delivers both near-term and medium-term solutions To develop new and enhanced technologies for the detection of, prevention of, and response to cyber attacks on the nation s critical information infrastructure, based on customer requirements To perform research and development (R&D) aimed at improving the security of existing deployed technologies and to ensure the security of new emerging cybersecurity systems; To facilitate the transfer of these technologies into operational environments. Proposals Received According to 3 Levels of Technology Maturity Type I (New Technologies) Applied Research Phase Development Phase Demo in Op Environ. Funding $3M & 36 mos. Type II (Prototype Technologies) More Mature Prototypes Development Phase Demo in Op Environ. Funding $2M & 24 mos. Type III (Mature Technologies) Mature Technology Demo Only in Op Environ. Funding $750K & 12 mos. Note: Technology Demonstrations = Test, Evaluation, and Pilot deployment in DHS customer environments 28 October
27 Technical Topic Areas (TTAs) TTA-1 Software Assurance DHS, FSSCC TTA-2 Enterprise-level Security Metrics DHS, FSSCC TTA-3 Usable Security DHS, FSSCC TTA-4 Insider Threat DHS, FSSCC TTA-5 Resilient Systems and Networks DHS, FSSCC TTA-6 Modeling of Internet Attacks DHS TTA-7 Network Mapping and Measurement DHS TTA-8 Incident Response Communities DHS TTA-9 Cyber Economics CNCI TTA-10 Digital Provenance CNCI TTA-11 Hardware-enabled Trust CNCI TTA-12 Moving Target Defense CNCI TTA-13 Nature-inspired Cyber Health CNCI TTA-14 Software Assurance MarketPlace S&T (SWAMP) 28 October
28 Small Business Innovative Research (SBIR) Important program for creating new innovation and accelerating transition into the marketplace Since 2004, DHS S&T Cyber Security has had: 60 Phase I efforts 27 Phase II efforts 4 Phase II efforts currently in progress 9 commercial/open source products available Three acquisitions Komoku, Inc. (MD) acquired by Microsoft in March 2008 Endeavor Systems (VA) acquired by McAfee in January 2009 Solidcore (CA) acquired by McAfee in June October
29 Cyber Forensics Initial requirements working group held November 2008 Attendees from USSS, CBP, ICE, FLETC, FBI, NIJ, TSWG, NIST, Miami-Dade PD, Albany NY PD Initial list of project requirements - Mobile device and GPS forensic tools LE First responder field analysis kit High-speed data capture and deep packet inspection Live stream capture for gaming systems Memory analysis and malware tools Info Clearing House 28 October
30 SBIR Solicitation Mobile Device Forensics NAND/NOR Chip Forensics (Lab Tool) Reading the data stored on the chip Reverse engineering of the wear-leveling algorithm Mounting the file system Bypassing PIN/PUK Codes Tool to extract PIN / PUK codes from locked SIM cards Disposable Cell Phone Analysis Demonstration and development of methods and tools that will allow an investigator to acquire all: call logs, contacts, pictures, videos, and text messages stored within all disposable cell phones. 28 October
31 Timeline of Past Research Reports President s Commission on CIP (PCCIP) NRC CSTB Trust in Cyberspace I3P R&D Agenda National Strategy to Secure Cyberspace Computing Research Association 4 Challenges NIAC Hardening the Internet PITAC - Cyber Security: A Crisis of Prioritization IRC Hard Problems List NSTC Federal Plan for CSIA R&D NRC CSTB Toward a Safer and More Secure Cyberspace All documents available at 28 October
32 A Roadmap for Cybersecurity Research Scalable Trustrworthy Systems Enterprise Level Metrics System Evaluation Lifecycle Combatting Insider Threats Combatting Malware and Botnets Global-Scale Identity Management Survivability of Time-Critical Systems Situational Understanding and Attack Attribution Information Provenance Privacy-Aware Security Usable Security 28 October
33 Summary Cybersecurity research is a key area of innovation needed to support our future DHS S&T continues with an aggressive cyber security research agenda Working to solve the cyber security problems of our current (and future) infrastructure and systems Working with academe and industry to improve research tools and datasets Looking at future R&D agendas with the most impact for the nation, including education Need to continue strong emphasis on technology transfer and experimental deployments 28 October
34 Greg Wigton Program Manager Cyber Security Division Homeland Security Advanced Research Projects Agency (HSARPA) For more information, visit 28 October
Cyber Security Division Overview
Homeland Security Advanced Research Projects Agency Cyber Security Division Overview Douglas Maughan, Ph.D. Director October 9, 2012 http://www.cyber.st.dhs.gov Environment: Greater Use of Technology,
More informationDHS S&T Cyber Security Division (CSD) Overview
Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security Division (CSD) Overview NDIA Executive Briefing Crystal City, VA February 17, 2011 Douglas Maughan, Ph.D. Division Director
More informationMary Ellen Seale National Protection and Programs Directorate May 16, 2012
Finding & Integrating CyberTech in the U.S. Government Mary Ellen Seale National Protection and Programs Directorate May 16, 2012 Obtaining Federal Funding Understanding the Landscape Contracting Small
More informationBenefits of Collaborative Science and Innovation - Improve Cyber Security
Public-Private Cooperation in Cybersecurity Research Strategy Development across the Globe A View from the U.S. Department of Homeland Security (DHS) Background Envision a future... in which universities
More informationDHS S&T Cyber Security Division (CSD) Overview
Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security Division (CSD) Overview BAA 11-XX Industry Day WDC November 17, 2010 Douglas Maughan, Ph.D. Division Director Cyber Security
More informationAn Update from Washington Cybersecurity / R&D
Homeland Security Advanced Research Projects Agency An Update from Washington Cybersecurity / R&D Douglas Maughan, Ph.D. Division Director October 30, 2012 http://www.cyber.st.dhs.gov Environment: Greater
More informationGovernment Research Needs: Who Funds What?
Dept. of Homeland Security Science & Technology Directorate Government Research Needs: Who Funds What? ACSAC 2009 Honolulu, HI December 10, 2009 Douglas Maughan, Ph.D. Branch Chief / Program Mgr. douglas.maughan@dhs.gov
More informationThe Comprehensive National Cybersecurity Initiative
The Comprehensive National Cybersecurity Initiative President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we
More informationCyber Security Research and Development a Homeland Security Perspective
FBI ----------------------------------------- INFRAGARD National Conference ----------------------------------------- 2005 Cyber Security Research and Development a Homeland Security Perspective Annabelle
More informationDHS S&T Cyber Security R&D Programs
Homeland Security Advanced Research Projects Agency DHS S&T Cyber Security R&D Programs Ann Cox, PhD Program Manager October 24, 2014 http://www.dhs.gov/cyber-research Presentation Outline Threat Space
More informationDHS S&T Cyber Security R&D Program
Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security R&D Program PSU NSRC Industry Day State College, PA October 17, 2006 Douglas Maughan, Ph.D. Program Manager, HSARPA douglas.maughan@dhs.gov
More informationUS Federal Cyber Security Research Program November 15, 2012 New England Advanced Cyber Security Center Workshop Bill Newhouse (NIST)
US Federal Cyber Security Research Program November 15, 2012 New England Advanced Cyber Security Center Workshop Bill Newhouse (NIST) william.newhouse@nist.gov NITRD Structure for US Federal Cybersecurity
More informationCyber Security Division FY 2012 Annual Report
Cyber Security Division FY 2012 Annual Report Cyber Security Divison FY 2012 Annual Report LETTER FROM THE DIRECTOR Douglas Maughan, Ph.D. Cyber adversaries continue to present a full spectrum of threats
More informationPreventing and Defending Against Cyber Attacks November 2010
Preventing and Defending Against Cyber Attacks November 2010 The Nation s first ever Quadrennial Homeland Security Review (QHSR), delivered to Congress in February 2010, identified safeguarding and securing
More informationUS Federal Cyber Security Research Program. NITRD Program
US Federal Cyber Security Research Program NITRD Program Purpose The primary mechanism by which the U.S. Government coordinates its unclassified Networking and IT R&D (NITRD) investments Supports NIT-related
More informationNational Cyber Security Strategies: United States
National Cyber Security Strategies: United States Audrey L. Plonk Director, Cybersecurity and Internet Governance Intel Corporation 1 ICSS 2013 Trends: National Cybersecurity Strategies New strategies
More informationTUSKEGEE CYBER SECURITY PATH FORWARD
TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,
More informationDepartment of Homeland Security Science & Technology
Department of Homeland Security Science & Technology Presentation to 6 th Annual Network Science Workshop Dr. Daniel Gerstein Deputy Under Secretary for Science & Technology April 23, 2012 1 DHS S&T Mission
More informationPreventing and Defending Against Cyber Attacks June 2011
Preventing and Defending Against Cyber Attacks June 2011 The Department of Homeland Security (DHS) is responsible for helping Federal Executive Branch civilian departments and agencies secure their unclassified
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More informationCyber Security Implications of SIS Integration with Control Networks
Cyber Security Implications of SIS Integration with Control Networks The LOGIIC SIS Project Standards Certification Education & Training Publishing Conferences & Exhibits Presenter Zach Tudor is a Program
More informationI3P SCADA Security Research Plan
I3P SCADA Security Research Plan Unifying Stakeholders and Security Programs to Address SCADA Vulnerability and Infrastructure Interdependency Ron Trellue, Team Lead Sandia National Laboratories 1 What
More informationHomeland Open Security Technology HOST Program
Homeland Open Security Technology HOST Program Informational Briefing August 2011 Sponsored by: U.S. Department of Homeland Security Science and Technology Directorate Implemented by: Open Technology Research
More informationPreventing and Defending Against Cyber Attacks October 2011
Preventing and Defending Against Cyber Attacks October 2011 The Department of Homeland Security (DHS) is responsible for helping Federal Executive Branch civilian departments and agencies secure their
More informationRelease of the Draft Cybersecurity Procurement Language for Energy Delivery Systems
Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas
More informationSECURE AND TRUSTWORTHY CYBERSPACE (SaTC)
SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) Overview The Secure and Trustworthy Cyberspace (SaTC) investment is aimed at building a cybersecure society and providing a strong competitive edge in the Nation
More informationIEEE-Northwest Energy Systems Symposium (NWESS)
IEEE-Northwest Energy Systems Symposium (NWESS) Paul Skare Energy & Environment Directorate Cybersecurity Program Manager Philip Craig Jr National Security Directorate Sr. Cyber Research Engineer The Pacific
More informationCybersecurity for Energy Delivery Systems 2010 Peer Review. William H. Sanders University of Illinois TCIPG Center Overview
Cybersecurity for Energy Delivery Systems 2010 Peer Review Alexandria, VA July 20-22, 2010 William H. Sanders University of Illinois TCIPG Center Overview TCIPG Summary Extend and integrate previously
More informationCybersecurity on a Global Scale
Cybersecurity on a Global Scale Time-tested Leadership A global leader for more than a century with customers in 80 nations supported by offices in 19 countries worldwide, Raytheon recognizes that shared
More informationIn December 2011, the White House Office of Science. Introducing the federal cybersecurity R&D strategic plan. Leaping ahead on cybersecurity
Introducing the federal cybersecurity R&D strategic plan Douglas Maughan, Bill Newhouse, and Tomas Vagoun In December 2011, the White House Office of Science and Technology Policy (OSTP) released the document,
More informationCyber Watch. Written by Peter Buxbaum
Cyber Watch Written by Peter Buxbaum Security is a challenge for every agency, said Stanley Tyliszczak, vice president for technology integration at General Dynamics Information Technology. There needs
More informationNational Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity
National Cybersecurity Challenges and NIST Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity Though no-one knows for sure, corporate America is believed to lose anything
More information(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative
(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative (U) Presidential Directive NSPD 54/HSPD 23, Cybersecurity Policy, established United States policy, strategy, guidelines,
More informationCyber Security Research and Development: A Homeland Security Perspective
Cyber Security Research and Development: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-772-9867 Outline! DHS Organizational Overview Cyber Security Stakeholders
More informationDHS S&T Cyber Security Division (CSD) Strategic Vision
Homeland Security Advanced Research Projects Agency DHS S&T Cyber Security Division (CSD) Strategic Vision Douglas Maughan Division Director December 16, 2014 http://www.dhs.gov/cyber-research Presentation
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationActions and Recommendations (A/R) Summary
Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry
More informationIntroduction. Opening Presentation. 1 http://www.whitehouse.gov/blog/2011/12/06/federal-cybersecurity-rd-strategic-plan-released
National Conversation A Trusted Cyber Future Minneapolis Led by Dr. Douglas Maughan, Division Director and Dr. Daniel Massey, Program Manager Department of Homeland Security Science and Technology Directorate
More informationDOE Cyber Security Policy Perspectives
DOE Cyber Security Policy Perspectives Mike Smith Senior Cyber Policy Advisor to the Assistant Secretary Department of Energy Overview of DOE Cybersecurity Priorities Protecting the DOE Enterprise from
More informationGAO CYBERSECURITY. Progress Made but Challenges Remain in Defining and Coordinating the Comprehensive National Initiative
GAO United States Government Accountability Office Report to Congressional Requesters March 2010 CYBERSECURITY Progress Made but Challenges Remain in Defining and Coordinating the Comprehensive National
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationCyberSecurity Solutions. Delivering
CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions
More informationCyber Security Research Developments Global and Indian Context
Cyber Security Research Developments Global and Indian Context Authors: Atul Kumar, Sr. Analyst Chiranshu Ahuja, Sr. Analyst 1. Problem Definition Today, given the increasing dependence on information
More informationNICE and Framework Overview
NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to
More informationNew Era in Cyber Security. Technology Development
New Era in Cyber New Era in Cyber Security Security Technology Technology Development Development Combining the Power of the Oil and Gas Industry, DHS, and the Vendor Community to Combat Cyber Security
More informationRefining Security: A Case Study of Public/Private Collaboration to Further PCS Security in the Energy Sector
Refining Security: A Case Study of Public/Private Collaboration to Further PCS Security in the Energy Sector Martha Austin, Executive Director The Institute for Information Infrastructure Protection (I3P)
More informationMESSAGE FROM THE SECRETARY... ii EXECUTIVE SUMMARY... iii INTRODUCTION... 1 THE FUTURE WE SEEK... 5
TABLE OF CONTENTS MESSAGE FROM THE SECRETARY... ii EXECUTIVE SUMMARY... iii INTRODUCTION... 1 SCOPE... 2 RELATIONSHIP TO OTHER KEY POLICIES AND STRATEGIES... 3 MOTIVATION... 3 STRATEGIC ASSUMPTIONS...
More informationIndustry involvement in education and research - TCIPG
1 Industry involvement in education and research - TCIPG Peter W. Sauer and William H. Sanders (and the TCIPG team) IEEE/PES GM, Denver, CO July 29, 2015 Outline History and facts TCIPG Overview and Vision
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationDepartment of Homeland Security Federal Government Offerings, Products, and Services
Department of Homeland Security Federal Government Offerings, Products, and Services The Department of Homeland Security (DHS) partners with the public and private sectors to improve the cybersecurity
More informationCybersecurity Delivering Confidence in the Cyber Domain
Cybersecurity Delivering Confidence in the Cyber Domain With decades of intelligence and cyber expertise, Raytheon offers unmatched, full-spectrum, end-to-end cyber solutions that help you secure your
More informationToward a Federal Cybersecurity Research Agenda: Three Game-changing Themes
Toward a Federal Cybersecurity Research Agenda: Three Game-changing Themes Toward a Federal Cybersecurity Research Agenda: Three Game-changing Themes Dr. Jeannette Wing Assistant Director for Computer
More informationWritten Statement of Richard Dewey Executive Vice President New York Independent System Operator
Written Statement of Richard Dewey Executive Vice President New York Independent System Operator Senate Standing Committee on Veterans, Homeland Security and Military Affairs Senator Thomas D. Croci, Chairman
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More informationOutline. Who conducts research related to CIIP in the U.S.? Universities. What is Critical Information Infrastructure? Who sponsors this research?
Critical Information Infrastructure Research in the U.S. An informal status report The 2nd US-Japan Experts Workshop on Critical Information Infrastructure Protection (CIIP) Tokyo, Japan Outline Definitions,
More informationCYBERINFRASTRUCTURE FRAMEWORK FOR 21 ST CENTURY SCIENCE, ENGINEERING, AND EDUCATION (CIF21)
CYBERINFRASTRUCTURE FRAMEWORK FOR 21 ST CENTURY SCIENCE, ENGINEERING, AND EDUCATION (CIF21) Overview The Cyberinfrastructure Framework for 21 st Century Science, Engineering, and Education (CIF21) investment
More informationPanel Session: Lessons Learned in Smart Grid Cybersecurity
PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory
More informationReliable, Repeatable, Measurable, Affordable
Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you
More informationSeptember 4, 2003. appearing before you today. I am here to testify about issues and challenges in providing for
Testimony of John A. McCarthy, Director of the Critical Infrastructure Protection Project, George Mason School of Law Before a joint hearing of the House Subcommittee on Infrastructure Security and The
More informationCybersecurity at the Nexus of a Hyper- Connected World
Cybersecurity at the Nexus of a Hyper- Connected World Azer Bestavros, Wayne Burleson, Frans Kaashoek, Greg Morrisett, and Engin Kirda Draft of April 4, 2012 This document identifies a number of major
More informationFedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov
FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the
More informationDHS, National Cyber Security Division Overview
DHS, National Cyber Security Division Overview Hun Kim, Deputy Director Strategic Initiatives Information Analysis and Infrastructure Protection Directorate www.us-cert.gov The strategy of DHS, as defined
More informationTHE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, 2013. February 12, 2013
THE WHITE HOUSE Office of the Press Secretary For Immediate Release February 12, 2013 February 12, 2013 PRESIDENTIAL POLICY DIRECTIVE/PPD-21 SUBJECT: Critical Infrastructure Security and Resilience The
More informationNIST Cybersecurity Initiatives. ARC World Industry Forum 2014
NIST Cybersecurity Initiatives Keith Stouffer and Vicky Pillitteri NIST ARC World Industry Forum 2014 February 10-13, 2014 Orlando, FL National Institute of Standards and Technology (NIST) NIST s mission
More informationAT&T Cybersecurity Policy Overview
AT&T Cybersecurity Policy Overview Chris Boyer AVP Public Policy July 24, 2012 2011 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks
More informationPREDICT: A Data Repository for Cyber Security Research
PREDICT: A Data Repository for Cyber Security Research Charlotte Scheper RTI International Manish Karir DHS S&T 1 RTI International is a trade name of Research Triangle Institute. www.rti.org What is PREDICT?
More informationParticipants: Introduction:
National Conversation A Trusted Cyber Future Discussion Led by Dan Massey, CSD Program Manager Moderator: Joe Gersch (Secure 64) Department of Homeland Security Science and Technology Directorate (DHS
More informationDHS S&T Cyber Security Division (CSD) PREDICT Overview
Homeland Security Advanced Research Projects Agency DHS S&T Cyber Security Division (CSD) PREDICT Overview Douglas Maughan Division Director November 2, 2015 http://www.dhs.gov/cyber-research DHS S&T Research
More informationGlobal Cyber Range (GCR) Empowering the Cybersecurity Professional (CyPro)
Global Cyber Range (GCR) Empowering the Cybersecurity Professional (CyPro) NICE Conference 2014 CYBERSECURITY RESILIENCE A THREE TIERED SOLUTION NIST Framework for Improving Critical Infrastructure Cybersecurity
More informationSECURE AND TRUSTWORTHY CYBERSPACE (SaTC) $124,250,000 +$1,500,000 / 1.2%
SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) $124,250,000 +$1,500,000 / 1.2% Overview The Secure and Trustworthy Cyberspace (SaTC) investment is aimed at building a cybersecure society and providing a strong
More informationNetwork Security Deployment (NSD)
Network Security Deployment (NSD) National Cybersecurity Protection System (NCPS) 11 July 2012 What is the NCPS? National Cybersecurity Protection System (NCPS) is the program of record within the Department
More informationCybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014
Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014 Victoria Yan Pillitteri Advisor for Information Systems Security
More informationNational Initiative for Cyber Security Education
2014/PPWE/SEM2/007 Agenda Item: 5 National Initiative for Cyber Security Education Submitted by: United States Women Business and Smart Technology Seminar Beijing, China 23 May 2014 NICE OVERVIEW Women
More informationMicrosoft s cybersecurity commitment
Microsoft s cybersecurity commitment Published January 2015 At Microsoft, we take the security and privacy of our customers data seriously. This focus has been core to our culture for more than a decade
More informationLOGIIC Remote Access. Final Public Report. June 2015 1 LOGIIC - APPROVED FOR PUBLIC DISTRIBUTION
LOGIIC Remote Access June 2015 Final Public Report Document Title LOGIIC Remote Monitoring Project Public Report Version Version 1.0 Primary Author A. McIntyre (SRI) Distribution Category LOGIIC Approved
More informationCybersecurity Resources
Assessment Resources Cybersecurity Resources Cyber Resiliency Review (CRR) is a DHS assessment tool that measures the implementation of key cybersecurity capacities and capabilities. The goal of the CRR
More informationFedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov
FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team. National Cybersecurity and Communications Integration Center
ICS-CERT Year in Review Industrial Control Systems Cyber Emergency Response Team 2013 National Cybersecurity and Communications Integration Center What s Inside Welcome 1 National Preparedness 2 Prevention
More informationIntroduction to NICE Cybersecurity Workforce Framework
Introduction to NICE Cybersecurity Workforce Framework Jane Homeyer, Ph.D., Deputy ADNI/HC for Skills and Human Capital Data, ODNI Margaret Maxson, Director, National Cybersecurity Education Strategy,
More informationCybersecurity Framework: Current Status and Next Steps
Cybersecurity Framework: Current Status and Next Steps Federal Advisory Committee on Insurance November 6, 2014 Adam Sedgewick Senior IT Policy Advisor Adam.Sedgewick@nist.gov National Institute of Standards
More informationCyberSkills Management Support Initiative
CyberSkills Management Support Initiative GROWING THE PIPELINE FOR CYBERTALENT THROUGH VOLUNTEER OPPORTUNITIES November 6, 2014 November 6, 2014 Background In June 2012, Secretary Napolitano announced
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationHow To Write A Cybersecurity Framework
NIST Cybersecurity Framework Overview Executive Order 13636 Improving Critical Infrastructure Cybersecurity 2nd ENISA International Conference on Cyber Crisis Cooperation and Exercises Executive Order
More informationWhy Cybersecurity Matters in Government Contracting. Robert Nichols, Covington & Burling LLP
Why Cybersecurity Matters in Government Contracting Robert Nichols, Covington & Burling LLP Cybersecurity is the No. 1 Concern of General Counsel and Directors 2 Cybersecurity Concerns in the Government
More informationNIST Cloud Computing Program Activities
NIST Cloud Computing Program Overview The NIST Cloud Computing Program includes Strategic and Tactical efforts which were initiated in parallel, and are integrated as shown below: NIST Cloud Computing
More informationCyber Incident Annex. Cooperating Agencies: Coordinating Agencies:
Cyber Incident Annex Coordinating Agencies: Department of Defense Department of Homeland Security/Information Analysis and Infrastructure Protection/National Cyber Security Division Department of Justice
More informationSDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015
SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST
More informationNetwork Security Deployment Obligation and Expenditure Report
Network Security Deployment Obligation and Expenditure Report First and Second Quarters, Fiscal Year 2015 June 16, 2015 Fiscal Year 2015 Report to Congress National Protection and Programs Directorate
More informationThe Cyber Security Crisis
The Cyber Security Crisis Eugene H. Spafford Professor & Executive Director CERIAS http://www.cerias.purdue.edu/ The State of Cybersecurity Overwhelming vulnerabilities About 4000 in each of 2003, 2004
More informationBio-Inspired Anomaly Detection
Bio-Inspired Anomaly Detection Cyber Security Division 2012 Principal Investigators Meeting 10/11/12 S. Raj Rajagopalan Scientist HP Labs/Honeywell Sraj.raj@gmail.com 908-305-1681 Bio-Inspired Anomaly
More informationDepartment of Homeland Security
11 Department of Homeland Security Jodi Lieberman American Physical Society Highlights The FY 2014 Department of Homeland Security (DHS) Science and Technology Directorate (S&T) request totals $1.5 billion,
More informationAn Overview of Large US Military Cybersecurity Organizations
An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command 2 Agenda United
More informationComputer Network Security & Privacy Protection
Overview Computer Network Security & Privacy Protection The Nation s electronic information infrastructure is vital to the functioning of the Government as well as maintaining the Nation s economy and
More informationOffice of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS)
Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS) PSCR Public Safety Broadband Stakeholder Conference June 4 th, 2014 Alex Kreilein Technology Policy Strategist Office
More informationIntegrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education
Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education Amy Banks, U.S. Department of Education, Center for School Preparedness, Office of Safe and Healthy Students Hamed Negron-Perez,
More informationTRUST Background. National Science Foundation Office of Integrative Activities (OIA) Core Funding (FY2005-2015)
TRUST TRUST: : Team for Research in Ubiquitous Secure Technology A Collaborative Approach to Advancing Cyber Security Research and Development Larry Rohrbough Executive Director, TRUST University of California,
More informationCapabilities for Cybersecurity Resilience
Capabilities for Cybersecurity Resilience In the Homeland Security Enterprise May 2012 DHS Cybersecurity Strategy A cyberspace that: Is Secure and Resilient Enables Innovation Protects Public Advances
More informationCYBER SECURITY GUIDANCE
CYBER SECURITY GUIDANCE With the pervasiveness of information technology (IT) and cyber networks systems in nearly every aspect of society, effectively securing the Nation s critical infrastructure requires
More informationIndustrial Control Systems Security Guide
Industrial Control Systems Security Guide Keith Stouffer, Engineering Lab National Institute of Standards and Technology NIST SP 800-82, Rev 2 and ICS Cybersecurity Testbed Keith Stouffer Project Leader,
More information