DHS S&T Cyber Security R&D Program
|
|
- Shanon Cunningham
- 8 years ago
- Views:
Transcription
1 Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security R&D Program PSU NSRC Industry Day State College, PA October 17, 2006 Douglas Maughan, Ph.D. Program Manager, HSARPA / /17/2006 1
2 National Strategy for Homeland Security The Department s strategic goals and objectives are directly linked to accomplishing the three objectives of the National Strategy: 1) Prevent terrorist attacks within the United States; 2) Reduce America s vulnerability to terrorism; and 3) Minimize the damage and recover from attacks that do occur. 10/17/2006 2
3 Homeland Security Mission Lead unified national effort to secure America Prevent terrorist attacks within the U.S. Respond to threats and hazards to the nation Ensure safe and secure borders Welcome lawful immigrants and visitors Promote free flow of commerce 10/17/2006 3
4 Department of Homeland Security Organization Chart (proposed end state) 10/17/2006 4
5 Science and Technology (S&T) Mission Conduct, stimulate, and enable research, development, test, evaluation and timely transition of homeland security capabilities to federal, state and local operational end-users. 10/17/2006 5
6 Crosscutting Portfolio Areas Chemical Biological Radiological Nuclear High Explosives Cyber Security Critical Infrastructure Protection (CIP) 10/17/2006 6
7 Customer Specific Portfolios Borders and & Transportation Security Emergency Preparedness and Response US Coast Guard US Secret Service State & Local Responders Threat & Vulnerability, Testing & Assessment 10/17/2006 7
8 HSARPA Mission Engage the Private Sector in R&D to satisfy homeland security needs Satisfy operational requirements Conduct rapid prototyping and commercial adaptation Research & develop revolutionary options 10/17/2006 8
9 R&D Execution Model Post R&D Customers * NCSD * NCS * OCIO * USSS * National Documents Customers Other Sectors e.g., Banking & Finance Prioritized Requirements Pre R&D Critical Critical Infrastructure Infrastructure Providers Providers Outreach Venture Community & Industry Experiments and Exercises R&D Coordination Government & Industry Workshops CIP Sector Roadmaps DNSSEC R&D SPRI Solicitation Preparation Cyber Security Assessment Rapid Prototyping Emerging Threats External (e.g., I3P) Supporting Programs BAAs SBIRs DETER PREDICT 10/17/2006 9
10 Cyber Security Program Areas Information Infrastructure Security Domain Name System Security (DNSSEC) Secure Protocols for the Routing Infrastructure (SPRI) Cyber Security Assessment Cyber Security Research Tools and Techniques Cyber Security Testbed (DETER) Large Scale Datasets (PREDICT) Experiments and Exercises Next Generation Technologies BAA Other Activities (SBIR, RTAP, I3P, Emerging Threats, ITTC, Outreach, Government Coordination) 10/17/
11 Information Infrastructure Security (IIS) 10/17/
12 Information Infrastructure Security Motivation The National Strategy to Secure Cyberspace (2003) recognized the DNS and BGP as critical weaknesses of the Internet infrastructure NSSC called for the Department of Homeland Security to coordinate public-private partnerships to encourage the adoption of improved security protocols, such as DNSSEC and Secure BGP The security and continued functioning of the Internet will be greatly influenced by the success or failure of implementing more secure and more robust BGP and DNS. The Nation has a vital interest in ensuring that this work proceeds. The government should play a role when private efforts break down due to a need for coordination or a lack of proper incentives. 10/17/
13 DNSSEC Initiative Activities Roadmap published in February Multiple workshops held world-wide (ICANN, IETF, RIRs) DNSSEC testbed developed at NIST Involvement with numerous deployment pilots Publicity and awareness plan DNSSEC Newsletter Working with U.S. Civilian government (.gov) to develop policy and technical guidance for secure DNS operations and beginning deployment activities at all levels. Working with the operators of the.us and.mil zones towards DNSSEC deployment and compliance 10/17/
14 Secure Protocols for the Routing Infrastructure (SPRI) BGP is the routing protocol that connects ISPs and subscriber networks together to form the Internet BGP does not forward subscriber traffic, but it determines the paths subscriber traffic follows The BGP architecture makes it highly vulnerable to human errors and malicious attacks against Links between routers The routers themselves Management stations that control routers Work with industry to develop solutions for our current routing security problems and future technologies 10/17/
15 SPRI Way Ahead Working with ARIN to clean up existing database and legacy address space problem Pre-1997 IP Addresses are not accounted for Working with ARIN and APNIC to deploy PKI between ICANN/IANA and registry and between registry and ISPs/customers Working with ISPs to identify remaining R&D and necessary tools for secure routing management 10/17/
16 Cyber Security Research Tools and Techniques (RTT) 10/17/
17 DHS / NSF Cyber Security Testbed Justification and Requirements for a National DDOS Defense Technology Evaluation Facility, July 2002 We still lack large-scale deployment of security technology sufficient to protect our vital infrastructures Recent investment in research on cyber security technologies by government agencies (NSF, DARPA, armed services) and industry. One important reason is the lack of an experimental infrastructure and rigorous scientific methodologies for developing and testing next-generation defensive cyber security technology The goal is to create, operate, and support a researcher-andvendor-neutral experimental infrastructure that is open to a wide community of users and produce scientifically rigorous testing frameworks and methodologies to support the development and demonstration of next-generation cyber defense technologies 10/17/
18 DETER Experimenters Community User Organizations Bell Labs Boeing Phantom Works Columbia University Cs3 Inc. Dalhousie University Federated Investors Flux Group, University of Utah George Mason University HP Labs ICSI / LBNL Information Sciences Institute IntruGuard Devices, Inc. Juniper Lehigh University McAfee Research National Cyber-Forensics and Training Alliance Naval Postgraduate School Network Associates Laboratories New Jersey Institute of Technology Penn State University Princeton University Purdue University Rutgers University Sandia National Laboratories Secure64 Software Corp SPARTA, Inc. SRI International Telcordia Technologies Technical University Berlin The SANS Institute UC Berkeley UC Davis UC Irvine UC Santa Cruz UC San Diego Univ. of North Carolina at Charlotte University of Delaware University of Illinois, Urbana-Champaign University of Maryland University of Texas at Austin Warrior LLC Washington University in St. Louis Western Michigan University 10/17/
19 A Protected REpository for Defense of Infrastructure against Cyber Threats PREDICT Program Objective To advance the state of the research and commercial development (of network security products ) we need to produce datasets for information security testing and evaluation of maturing networking technologies. Rationale / Background / Historical: Researchers with insufficient access to data unable to adequately test their research prototypes Government technology decision-makers with no data to evaluate competing products End Goal: Improve the quality of defensive cyber security technologies 10/17/
20 Data Collection Activities Classes of data that are interesting, people want collected, and seem reasonable to collect Netflow Packet traces headers and full packet (context dependent) Critical infrastructure BGP and DNS data Topology data IDS / firewall logs Performance data Network management data (i.e., SNMP) VoIP (1400 IP-phone network) Blackhole Monitor traffic 10/17/
21 Experiments and Exercises Experiments U.S. / Canada Secure Blackberry Experiment PSTP-agreed upon deployment activity Oil and Gas Sector Working with industry, labs, researchers, and vendors Department of Treasury Exercises FS ISAC, FSSCC, Numerous sector participants National Cyber Security Exercise (Cyber Storm) DETER Testbed 10/17/
22 US-CAN Secure Wireless Trial Objective Test effectiveness of US/Canadian crossborder secure wireless architecture to cope with real-time communication in variety of scenarios Technologies PKI (S/MIME), Identity-based encryption, enforcement of policy and compliance Trial Activity July 2005: U.S.-only initial four-day test period October 2005: Four-day test period with 35 activities and with 40+ participants acting out homeland security scenarios using BlackBerry devices 10/17/
23 Partnership Project LOGIIC is a model for government-industry technology integration and demonstration efforts to address critical R&D needs Industry contributes Requirements and operational expertise Project management Product vendor channels DHS S&T contributes National Security Perspective on threats Access to long term security research Independent researchers with technical expertise Testing facilities 10/17/
24 Overview Opportunity: Reduce vulnerabilities of oil & gas process control environments by correlating and analyzing abnormal events to identify and prevent cyber security threats Approach: Identify new types of security sensors for process control networks Adapt a best-of-breed correlation engine to this environment Integrate in testbed and demonstrate Transfer technology to industry External Events Business Network Attack Indications and Warnings LOGIIC Correlation Engine Process Control Network 10/17/
25 Next Generation Cyber Security Technologies (NGT) 10/17/
26 HSARPA Cyber Security Broad Area Announcement (BAA 04-17) The goals of the Cyber Security Research and Development (CSRD) program are: To perform research and development (R&D) aimed at improving the security of existing deployed technologies and to ensure the security of new emerging systems; To develop new and enhanced technologies for the detection of, prevention of, and response to cyber attacks on the nation s critical information infrastructure. To facilitate the transfer of these technologies into the national infrastructure as a matter of urgency. 10/17/
27 BAA Technical Topic Areas (TTAs) System Security Engineering Vulnerability Prevention Vulnerability Discovery and Remediation Cyber Security Assessment (i.e., Metrics) Security of Operational Systems Security and Trustworthiness for Critical Infrastructure Protection Wireless Security Investigative and Prevention Technologies Network Attack Forensics (e.g., Traceback) Technologies to Defend against Identity Theft 10/17/
28 BAA Program / Proposal Structure NOTE: Deployment Phase = Test, Evaluation, and Pilot deployment in (DHS) customer environments Type I (New Technologies) New technologies with an applied research phase, a development phase, and a deployment phase (optional) Funding not to exceed 36 months (including deployment phase) Type II (Prototype Technologies) More mature prototype technologies with a development phase and a deployment phase (optional) Funding not to exceed 24 months (including deployment phase) Type III (Mature Technologies) Mature technology with a deployment phase only. Funding not to exceed 12 months 10/17/
29 Other Activities: SBIR RTAP I3P Emerging Threats ITTC Outreach R&D Coordination 10/17/
30 Small Business Innovative Research (SBIR) FY04 Cross-Domain Attack Correlation Technologies Real-Time Malicious Code Identification FY05 Hardware-assisted System Security Monitoring FY06 Network-based Boundary Controllers Botnet Detection and Mitigation 10/17/
31 Rapid Technology Application Program (RTAP) - Cyber Security Topics BOTNET Detection and Mitigation Tool Customer: NCSD Exercise Scenario Modeling Tool Customer: NCSD DHS Secure Wireless Access Prototype Customer: S&T OCIO 10/17/
32 The Institute for Information Infrastructure Protection (I3P) The I3P is a consortium of 30 academic and not-forprofit research organizations The I3P was formed in September 2001 and funded by congressionally appropriated funds assigned to Dartmouth College ($17.8M) Two major research programs Process Control (PCS) and Supervisory Control and Data Acquisition (SCADA) systems Economic and policy issues associated with cyber security deployment 10/17/
33 Emerging Threats Virtual Machine Environment - Detection and Escape Prevention Vulnerability Discovery and Defenses for Virtual Machines Next Generation Crimeware Defenses Research new techniques for defending against next generation malicious software Botnet Command & Control Detection and Mitigation Examine defenses needed to counter new methods of Botnet C&C 10/17/
34 ITTC The DHS-SRI Identity Theft Technology Council ITTC is an expanded Silicon Valley expert group originally convened by the U.S. Secret Service Experts and leaders from Government Financial and IT sectors Venture capital Academia and science ITTC works closely with The Anti-Phishing Working Group (APWG) ITTC Coordinator: Robert Rodriguez, retired head of the Secret Service Field Office in San Francisco The ITTC was formed in April 2005, and has four active working groups: Reports / Studies Phishing Technology Crimeware Data collection and sharing Future threats Development and deployment 10/17/
35 Commercial Outreach Strategy Assist commercial companies in providing technology to DHS and other government agencies Emerging Security Technology Forum (ESTF) Assist DHS S&T-funded researchers in transferring technology to larger, established security technology companies DHS Mentor / Protégé program, System Integrator Forum (Jan. 17, 2007 WDC) Partner with the venture capital community to transfer technology to existing portfolio companies, or to create new ventures Cyber Entrepreneurs Workshop (Mar. 14, 2007 Stanford) Government Funder/Customer Established Commercial Companies DHS Researchers Emerging Commercial Companies Commercial Customers 10/17/
36 NITRD Program Coordination White House Executive Office of the President Office of Science and Technology Policy National Science and Technology Council U.S. Congress NITRD Agency Authorization and Appropriations Legislation Committee on Technology Committee on Homeland and National Security National Coordination Office (NCO) for Networking and Information Technology Research and Development Subcommittee on Networking and Information Technology Research and Development (NITRD) Subcommittee on Infrastructure High End Computing (HEC) Interagency Working Group Cyber Security and Information Assurance (CSIA) Interagency Working Group Large Scale Networking (LSN) Coordinating Group High Confidence Software and Systems (HCSS) Coordinating Group Human Computer Interaction and Information Management (HCI&IM) Coordinating Group Software Design and Productivity (SDP) Coordinating Group Social, Economic, and Workforce Implications of IT and IT Workforce Development (SEW) Coordinating 10/17/2006 Group36
37 Federal Plan for Cyber Security and Information Assurance (CSIA) R&D Overarching categories Functional Cyber Security Needs Needs for Securing the Infrastructure Cyber Security Assessment and Characterization Foundations for Cyber Security Domain-Specific Security Needs Enabling Technologies for Cyber Security and Information Assurance R&D Advanced and Next-Generation Systems and Architecture for Cyber Security Social Dimensions of Cyber Security 10/17/
38 IRC Hard Problem List (HPL) Topics 1. GLOBAL SCALE IDENTITY MANAGEMENT 2. INSIDER THREAT 3. AVAILABILITY OF TIME-CRITICAL SYSTEMS 4. BUILDING SCALABLE SECURE SYSTEMS 5. ATTACK ATTRIBUTION AND SITUATIONAL UNDERSTANDING 6. INFORMATION PROVENANCE 7. SECURITY WITH PRIVACY 8. ENTERPRISE LEVEL SECURITY METRICS 10/17/
39 Other Areas of Interest Cyber Situational Awareness Indications & Warnings Attack Data Visualization Insider Threat Detection & Mitigation Information Privacy Technologies Secure operating systems (open source) Network modeling and simulation security policy reconfiguration impact on networks 10/17/
40 Tackling Cyber Security R&D Challenges: Not Business as Usual Strong mission focus (avoid mission creep) Close coordination with other Federal agencies Outreach to communities outside of the Federal government Building public-private partnerships (the industrygovernment *dance* is a new tango) Strong emphasis on technology diffusion and technology transfer Migration paths to a more secure infrastructure Awareness of economic realities 10/17/
41 Summary DHS S&T is moving forward with an aggressive cyber security research agenda Working with the community to solve the cyber security problems of our current infrastructure DNSSEC, Secure Routing Working with academe and industry to improve research tools and datasets DHS/NSF Cyber Security Testbed, PREDICT Looking at future RDT&E agendas with the most impact for the nation BAA 04-17, SBIRs, RTAP, Emerging Threats 10/17/
42 Douglas Maughan, Ph.D. Program Manager, HSARPA / For more information, visit 10/17/
Cyber Security Research and Development a Homeland Security Perspective
FBI ----------------------------------------- INFRAGARD National Conference ----------------------------------------- 2005 Cyber Security Research and Development a Homeland Security Perspective Annabelle
More informationDHS S&T Cyber Security Division (CSD) Overview
Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security Division (CSD) Overview TCIPG Industry Workshop UIUC November 8, 2011 Greg Wigton Program Manager Cyber Security Division
More informationCyber Security Research and Development: A Homeland Security Perspective
Cyber Security Research and Development: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-772-9867 Outline! DHS Organizational Overview Cyber Security Stakeholders
More informationCyber Security Division Overview
Homeland Security Advanced Research Projects Agency Cyber Security Division Overview Douglas Maughan, Ph.D. Director October 9, 2012 http://www.cyber.st.dhs.gov Environment: Greater Use of Technology,
More informationBenefits of Collaborative Science and Innovation - Improve Cyber Security
Public-Private Cooperation in Cybersecurity Research Strategy Development across the Globe A View from the U.S. Department of Homeland Security (DHS) Background Envision a future... in which universities
More informationDHS S&T Cyber Security Division (CSD) Overview
Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security Division (CSD) Overview NDIA Executive Briefing Crystal City, VA February 17, 2011 Douglas Maughan, Ph.D. Division Director
More informationDHS S&T Cyber Security Division (CSD) Overview
Dept. of Homeland Security Science & Technology Directorate DHS S&T Cyber Security Division (CSD) Overview BAA 11-XX Industry Day WDC November 17, 2010 Douglas Maughan, Ph.D. Division Director Cyber Security
More informationGovernment Research Needs: Who Funds What?
Dept. of Homeland Security Science & Technology Directorate Government Research Needs: Who Funds What? ACSAC 2009 Honolulu, HI December 10, 2009 Douglas Maughan, Ph.D. Branch Chief / Program Mgr. douglas.maughan@dhs.gov
More informationDHS, National Cyber Security Division Overview
DHS, National Cyber Security Division Overview Hun Kim, Deputy Director Strategic Initiatives Information Analysis and Infrastructure Protection Directorate www.us-cert.gov The strategy of DHS, as defined
More informationUS Federal Cyber Security Research Program. NITRD Program
US Federal Cyber Security Research Program NITRD Program Purpose The primary mechanism by which the U.S. Government coordinates its unclassified Networking and IT R&D (NITRD) investments Supports NIT-related
More informationActions and Recommendations (A/R) Summary
Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry
More informationMary Ellen Seale National Protection and Programs Directorate May 16, 2012
Finding & Integrating CyberTech in the U.S. Government Mary Ellen Seale National Protection and Programs Directorate May 16, 2012 Obtaining Federal Funding Understanding the Landscape Contracting Small
More informationTerry Benzel USC Information Sciences Institute May 19, 2013 The Science of Cyber Security Experimentation
Terry Benzel USC Information Sciences Institute May 19, 2013 The Science of Cyber Security Experimentation Background Cyber-threat continues to accelerate Far fewer cyber-defense technologies Gap between
More informationTerry Benzel USC Information Sciences Institute December 9, 2011 Annual Computer Security Applications Conference
Terry Benzel USC Information Sciences Institute December 9, 2011 Annual Computer Security Applications Conference Large, Complex, Interconnected Slow to evolve Legacy Subsytems System of Systems Connected
More informationUS Federal Cyber Security Research Program November 15, 2012 New England Advanced Cyber Security Center Workshop Bill Newhouse (NIST)
US Federal Cyber Security Research Program November 15, 2012 New England Advanced Cyber Security Center Workshop Bill Newhouse (NIST) william.newhouse@nist.gov NITRD Structure for US Federal Cybersecurity
More informationOutline. Who conducts research related to CIIP in the U.S.? Universities. What is Critical Information Infrastructure? Who sponsors this research?
Critical Information Infrastructure Research in the U.S. An informal status report The 2nd US-Japan Experts Workshop on Critical Information Infrastructure Protection (CIIP) Tokyo, Japan Outline Definitions,
More informationGovernment Perspectives on the Future of Advanced Networking Technologies
Government Perspectives on the Future of Advanced Networking Technologies Combined briefings presented at: GLOBALCOMM GLOBALCOMM Government Summit and Innovations Summit June 5, 2006 June 7, 2006 Simon
More informationDHS S&T Cyber Security R&D Programs
Homeland Security Advanced Research Projects Agency DHS S&T Cyber Security R&D Programs Ann Cox, PhD Program Manager October 24, 2014 http://www.dhs.gov/cyber-research Presentation Outline Threat Space
More informationPreventing and Defending Against Cyber Attacks October 2011
Preventing and Defending Against Cyber Attacks October 2011 The Department of Homeland Security (DHS) is responsible for helping Federal Executive Branch civilian departments and agencies secure their
More informationDHS S&T Cyber Security Division (CSD) PREDICT Overview
Homeland Security Advanced Research Projects Agency DHS S&T Cyber Security Division (CSD) PREDICT Overview Douglas Maughan Division Director November 2, 2015 http://www.dhs.gov/cyber-research DHS S&T Research
More informationPreventing and Defending Against Cyber Attacks June 2011
Preventing and Defending Against Cyber Attacks June 2011 The Department of Homeland Security (DHS) is responsible for helping Federal Executive Branch civilian departments and agencies secure their unclassified
More informationPREDICT: A Data Repository for Cyber Security Research
PREDICT: A Data Repository for Cyber Security Research Charlotte Scheper RTI International Manish Karir DHS S&T 1 RTI International is a trade name of Research Triangle Institute. www.rti.org What is PREDICT?
More informationI3P SCADA Security Research Plan
I3P SCADA Security Research Plan Unifying Stakeholders and Security Programs to Address SCADA Vulnerability and Infrastructure Interdependency Ron Trellue, Team Lead Sandia National Laboratories 1 What
More informationThe Comprehensive National Cybersecurity Initiative
The Comprehensive National Cybersecurity Initiative President Obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we
More informationPreventing and Defending Against Cyber Attacks November 2010
Preventing and Defending Against Cyber Attacks November 2010 The Nation s first ever Quadrennial Homeland Security Review (QHSR), delivered to Congress in February 2010, identified safeguarding and securing
More informationTRUST Background. National Science Foundation Office of Integrative Activities (OIA) Core Funding (FY2005-2015)
TRUST TRUST: : Team for Research in Ubiquitous Secure Technology A Collaborative Approach to Advancing Cyber Security Research and Development Larry Rohrbough Executive Director, TRUST University of California,
More informationPanel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.
Panel on Emerging Cyber Security Technologies Robert F. Brammer, Ph.D., VP and CTO Northrop Grumman Information Systems Panel Moderator 27 May 2010 Panel on Emerging Cyber Security Technologies Robert
More informationIn December 2011, the White House Office of Science. Introducing the federal cybersecurity R&D strategic plan. Leaping ahead on cybersecurity
Introducing the federal cybersecurity R&D strategic plan Douglas Maughan, Bill Newhouse, and Tomas Vagoun In December 2011, the White House Office of Science and Technology Policy (OSTP) released the document,
More informationHow To Transition Research Into Practice
2013 IEEE. Appears in IEEE Security & Privacy Magazine, Vol. 11, No. 2, March- April 2013, pp. 14-23. (https://ieeexplore.ieee.org/xpl/articledetails.jsp?tp=&arnumber=6493323) Crossing the Valley of Death
More informationVisualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC
Visualization, Modeling and Predictive Analysis of Internet Attacks Thermopylae Sciences + Technology, LLC Administrative POC: Ms. Jeannine Feasel, jfeasel@t-sciences.com Technical POC: George Romas, gromas@t-sciences.com
More informationProduct First Available September 11, 2006
1 Brief Product Description The LOGIIC cyber security system monitors an industrial facility s entire information infrastructure by combining relevant control system data with other security data. Product
More informationHomeland Open Security Technology HOST Program
Homeland Open Security Technology HOST Program Informational Briefing August 2011 Sponsored by: U.S. Department of Homeland Security Science and Technology Directorate Implemented by: Open Technology Research
More informationNew Era in Cyber Security. Technology Development
New Era in Cyber New Era in Cyber Security Security Technology Technology Development Development Combining the Power of the Oil and Gas Industry, DHS, and the Vendor Community to Combat Cyber Security
More informationHow To Improve Experimental Cybersecurity Research
Terry Benzel USC Information Sciences Institute May 18, 2015 The Science of Cyber Security Experimentation The DETER Project A research program: To advance capabilities for experimental cybersecurity research
More informationRefining Security: A Case Study of Public/Private Collaboration to Further PCS Security in the Energy Sector
Refining Security: A Case Study of Public/Private Collaboration to Further PCS Security in the Energy Sector Martha Austin, Executive Director The Institute for Information Infrastructure Protection (I3P)
More informationCyber Security Division FY 2012 Annual Report
Cyber Security Division FY 2012 Annual Report Cyber Security Divison FY 2012 Annual Report LETTER FROM THE DIRECTOR Douglas Maughan, Ph.D. Cyber adversaries continue to present a full spectrum of threats
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More information2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy
2015 Michigan NASCIO Award Nomination Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy Sponsor: David Behen, DTMB Director and Chief Information Officer Program Manager: Rod Davenport,
More informationMARYLAND. Cyber Security White Paper. Defining the Role of State Government to Secure Maryland s Cyber Infrastructure.
MARYLAND Cyber Security White Paper Defining the Role of State Government to Secure Maryland s Cyber Infrastructure November 1, 2006 Robert L. Ehrlich, Jr., Governor Michael S. Steele, Lt. Governor Message
More informationHomeland Security: Information Assurance Challenges and Opportunities. Building the National Cyber Security Division
Homeland Security: Information Assurance Challenges and Opportunities Building the National Cyber Security Division The Homeland Security Act and national strategies direct DHS to take the lead on cyber
More informationCYBER SECURITY GUIDANCE
CYBER SECURITY GUIDANCE With the pervasiveness of information technology (IT) and cyber networks systems in nearly every aspect of society, effectively securing the Nation s critical infrastructure requires
More informationCybersecurity Resources
Assessment Resources Cybersecurity Resources Cyber Resiliency Review (CRR) is a DHS assessment tool that measures the implementation of key cybersecurity capacities and capabilities. The goal of the CRR
More informationStatement of Edward Amoroso, Ph.D. Senior Vice President & Chief Security Officer AT&T. United States House of Representatives
Statement of Edward Amoroso, Ph.D. Senior Vice President & Chief Security Officer AT&T Hearing: DHS s Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure United States House
More informationDHS S&T Cyber Security Division (CSD) Strategic Vision
Homeland Security Advanced Research Projects Agency DHS S&T Cyber Security Division (CSD) Strategic Vision Douglas Maughan Division Director December 16, 2014 http://www.dhs.gov/cyber-research Presentation
More informationSECURE AND TRUSTWORTHY CYBERSPACE (SaTC)
SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) Overview The Secure and Trustworthy Cyberspace (SaTC) investment is aimed at building a cybersecure society and providing a strong competitive edge in the Nation
More informationPREPUBLICATION COPY. More Intelligent, More Effective Cybersecurity Protection
More Intelligent, More Effective Cybersecurity Protection January 2013 Business Roundtable (BRT) is an association of chief executive officers of leading U.S. companies with more than $7.3 trillion in
More information7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008
U.S. D EPARTMENT OF H OMELAND S ECURITY 7 Homeland Fiscal Year 2008 HOMELAND SECURITY GRANT PROGRAM ty Grant Program SUPPLEMENTAL RESOURCE: CYBER SECURITY GUIDANCE uidelines and Application Kit (October
More informationCyber Incident Annex. Cooperating Agencies: Coordinating Agencies:
Cyber Incident Annex Coordinating Agencies: Department of Defense Department of Homeland Security/Information Analysis and Infrastructure Protection/National Cyber Security Division Department of Justice
More informationnetwork PRoteCtion and information L G S H a S P e R F o R M e D assurance networks R e D t e a M S e C U R i t Y
Solving the Federal Government s Toughest Cyber Security Problems NETWORK PROTECTION AND INFORMATION ASSURANCE NETWORKS WITH A RICH HERITAGE OF ACHIEVEMENT AND LEVERAGING THE EXPERTISE AND RESOURCES OF
More informationToward a Federal Cybersecurity Research Agenda: Three Game-changing Themes
Toward a Federal Cybersecurity Research Agenda: Three Game-changing Themes Toward a Federal Cybersecurity Research Agenda: Three Game-changing Themes Dr. Jeannette Wing Assistant Director for Computer
More informationSharing Intelligence is our Best Defense: Cyber Security Today Is a bit Like the Keystone Cops
Sharing Intelligence is our Best Defense: Incentives That Work versus Disincentives That Can Be Solved William Yurcik* Adam Slagell Jun Wang NCSA Security Research (NCSA) University of Illinois at Urbana-Champaign
More informationIntrusion Detection for Mobile Ad Hoc Networks
Intrusion Detection for Mobile Ad Hoc Networks Tom Chen SMU, Dept of Electrical Engineering tchen@engr.smu.edu http://www.engr.smu.edu/~tchen TC/Rockwell/5-20-04 SMU Engineering p. 1 Outline Security problems
More informationDouglas M. DePeppe Cyberlaw Attorney
Douglas M. DePeppe Cyberlaw Attorney doug@aspireip.com Cyber Risk Services Cyber Space Cyber Law International Cyber Frameworks IP Litigation George Washington University Law School, LL.M. The Judge Advocate
More informationWelcome to the 2007 DHS University Network Summit. Matthew Clark, Director Office of University Programs DHS Science and Technology Directorate
Welcome to the 2007 DHS University Network Summit Matthew Clark, Director Office of University Programs DHS Science and Technology Directorate Summit Objectives Describe the Office of University Programs
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationSDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015
SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015 Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST
More informationNSF Activities in Cyber Trust
NSF Activities in Cyber Trust For ACM CCS Industry/Govt Track Oct. 26, 2004 Carl Landwehr (clandweh@nsf.gov) Cyber Trust Coordinator National Science Foundation What s s the Problem? Today s s software-based
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationDeputy Chief Financial Officer Peggy Sherry. And. Chief Information Security Officer Robert West. U.S. Department of Homeland Security.
Deputy Chief Financial Officer Peggy Sherry And Chief Information Security Officer Robert West U.S. Department of Homeland Security Testimony Before the Subcommittee on Government Organization, Efficiency
More informationTEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS
TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationNational Communications System. December 6, 2007
1 National Communications System December 6, 2007 2 National Communications System (NCS) Established in 1963 in response to communications failures associated with the Cuban Missile Crisis The mandate
More informationReliable, Repeatable, Measurable, Affordable
Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you
More informationSubject: Critical Infrastructure Identification, Prioritization, and Protection
For Immediate Release Office of the Press Secretary The White House December 17, 2003 Homeland Security Presidential Directive / HSPD-7 Subject: Critical Infrastructure Identification, Prioritization,
More informationResearch and Educational Networking Information Analysis and Sharing Center (REN-ISAC)
Research and Educational Networking Information Analysis and Sharing Center (REN-ISAC) Doug Pearson Director, REN-ISAC ren-isac@iu.edu Copyright Trustees of Indiana University 2003. Permission is granted
More informationGlobal Cyber Range (GCR) Empowering the Cybersecurity Professional (CyPro)
Global Cyber Range (GCR) Empowering the Cybersecurity Professional (CyPro) NICE Conference 2014 CYBERSECURITY RESILIENCE A THREE TIERED SOLUTION NIST Framework for Improving Critical Infrastructure Cybersecurity
More informationDecember 17, 2003 Homeland Security Presidential Directive/Hspd-7
For Immediate Release Office of the Press Secretary December 17, 2003 December 17, 2003 Homeland Security Presidential Directive/Hspd-7 Subject: Critical Infrastructure Identification, Prioritization,
More informationRelease of the Draft Cybersecurity Procurement Language for Energy Delivery Systems
Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas
More informationRISK AND RESILIENCE $58,000,000 +$38,000,000 / 190.0%
RISK AND RESILIENCE $58,000,000 +$38,000,000 / 190.0% Overview The economic competiveness and societal well-being of the United States depend on the affordability, availability, quality, and reliability
More informationIPv6: Network Security and the Next Generation of IP Communication
IPv6: Network Security and the Next Generation of IP Communication FORTINET IPv6 and Fortinet Solution Guide PAGE 2 Summary Many enterprises have IPv6 adoption on their technology roadmap due to the exhaustion
More informationDepartment of Homeland Security
11 Department of Homeland Security Lynn J. Daniels and Gerald L. Epstein American Association for the Advancement of Science HIGHLIGHTS The Department of Homeland Security (DHS) research and development
More informationNSF Cyber Trust Report
NSF Cyber Trust Report For US-Japan CIIP Experts Workshop, Sept 28-29 2004 Carl Landwehr (clandweh@nsf.gov) Cyber Trust Coordinator National Science Foundation Homeland Security Critical Infrastructure
More informationPrivacy and Security in Healthcare
5 th 5 th th National HIPAA Summit National Strategy to Secure Cyberspace Privacy and Security in Healthcare October 31, 2002 Andy Purdy Senior Advisor, IT Security and Privacy The President s Critical
More informationParticipants: Introduction:
National Conversation A Trusted Cyber Future Discussion Led by Dan Massey, CSD Program Manager Moderator: Joe Gersch (Secure 64) Department of Homeland Security Science and Technology Directorate (DHS
More informationDOE Cyber Security Policy Perspectives
DOE Cyber Security Policy Perspectives Mike Smith Senior Cyber Policy Advisor to the Assistant Secretary Department of Energy Overview of DOE Cybersecurity Priorities Protecting the DOE Enterprise from
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More information(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative
(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative (U) Presidential Directive NSPD 54/HSPD 23, Cybersecurity Policy, established United States policy, strategy, guidelines,
More informationThe Importance of a Multistakeholder Approach to Cybersecurity Effectiveness
The Importance of a Multistakeholder Approach to Cybersecurity Effectiveness Abstract Area: ROADMAP FOR THE FURTHER EVOLUTION OF THE INTERNET GOVERNANCE ECOSYSTEM Entitled by: Cristine Hoepers, Klaus Steding-Jessen,
More informationDHSR&D and Its Importance to the Military
Order Code RS21270 Updated February 24, 2005 CRS Report for Congress Received through the CRS Web Homeland Security Research and Development Funding, Organization, and Oversight Summary Genevieve J. Knezo
More informationTUSKEGEE CYBER SECURITY PATH FORWARD
TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,
More informationSociety, Law Enforcement and the Internet
Society, Law Enforcement and the Internet Models for Give-and-Take Carter Bullard CEO/President QoSient, LLC 150 E 57th Street Suite 12D New York, New York 10022 ICCS 2010 New York, New York carter@qosient.com
More informationTHE WHITE HOUSE Office of the Press Secretary
FOR IMMEDIATE RELEASE February 13, 2015 THE WHITE HOUSE Office of the Press Secretary FACT SHEET: White House Summit on Cybersecurity and Consumer Protection As a nation, the United States has become highly
More informationCyber Security Strategy(Information Security Policy Council, June 10, 2013)
Environmental Change Vision to aim as a Goal Basic Principles Cyber Security Strategy(Information Security Policy Council, June 10, 2013) Areas of Efforts Increasing severity of the risk surrounding cyberspace
More informationITL BULLETIN FOR JANUARY 2011
ITL BULLETIN FOR JANUARY 2011 INTERNET PROTOCOL VERSION 6 (IPv6): NIST GUIDELINES HELP ORGANIZATIONS MANAGE THE SECURE DEPLOYMENT OF THE NEW NETWORK PROTOCOL Shirley Radack, Editor Computer Security Division
More informationMeeting Cyber Security Challenges
Meeting Cyber Security Challenges Presented to Naval Postgraduate School Cyber Summit 29 October 2009 Cynthia Irvine, PhD, Professor Naval Postgraduate School UNCLASSIFIED Overview Challenges in Cyber
More informationCoordinating Attack Response at Internet Scale (CARIS)
Coordinating Attack Response at Internet Scale (CARIS) Overview and Summary Report July 2015 Kathleen Moriarty Security Area Director, IETF Kathleen.Moriarty.ietf@gmail.com Agenda Coordinating Attack Response
More informationWater Critical Infrastructure and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan Executive Summary
Water Critical Infrastructure and Key Resources Sector-Specific Plan as input to the National Infrastructure Protection Plan Executive Summary May 2007 Environmental Protection Agency Executive Summary
More informationKASPERSKY DDOS PROTECTION. Discover how Kaspersky Lab defends businesses against DDoS attacks
KASPERSKY DDOS PROTECTION Discover how Kaspersky Lab defends businesses against DDoS attacks CYBERCRIMINALS ARE TARGETING BUSINESSES If your business has ever suffered a Distributed Denial of Service (DDoS)
More informationCyber Watch. Written by Peter Buxbaum
Cyber Watch Written by Peter Buxbaum Security is a challenge for every agency, said Stanley Tyliszczak, vice president for technology integration at General Dynamics Information Technology. There needs
More informationState Engagement with the Energy Sector to Improve Cyber Security
Contact: Allison Cullin Homeland Security and Technology Division 202/624-5311 April 20, 2010 State Engagement with the Energy Sector to Improve Cyber Security Executive Summary The state-owned computer
More informationApril 10, 2009. Ms. Melissa Hathaway Acting Senior Director for Cyberspace National Security and Homeland Security Councils. Dear Ms.
William B. Nelson President & CEO FS-ISAC 20496 Partridge Place Leesburg, VA 20175 703-777-2803 (Direct) 509-278-2412 (Fax) bnelson@fsisac.us www.fsisac.com April 10, 2009 Ms. Melissa Hathaway Acting Senior
More informationU.S. Department of Energy Office of Inspector General Office of Audits & Inspections
U.S. Department of Energy Office of Inspector General Office of Audits & Inspections Audit Report Follow-up Audit of the Department's Cyber Security Incident Management Program DOE/IG-0878 December 2012
More informationNorthrop Grumman Cybersecurity Research Consortium
Northrop Grumman Cybersecurity Research Consortium GUIRR Spring Meeting Washington DC 9 February 2011 Robert F. Brammer, Ph.D. VP Advanced Technology and Chief Technology Officer Northrop Grumman Information
More informationEssential Next Steps for the U.S. Government in the Transition to IPv6
Essential Next Steps for the U.S. Government in the Transition to IPv6 An Executive Summary for Agency Chief Information Officers of the Latest Federal Policies and Guidance for Continuing the Enterprise
More informationScience or Security. George O. Strawn NSF & NITRD (retired)
Science or Security George O. Strawn NSF & NITRD (retired) Caveat auditor The opinions expressed in this talk are those of the speaker, not the U.S. government Outline Anecdotes about IT security Observations
More informationUS-CERT Overview & Cyber Threats
US-CERT Overview & Cyber Threats National Cyber Security Division United States Computer Emergency Readiness Team June 2006 Agenda Introduction to US-CERT Overview of why we depend on a secure cyberspace
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationThe DHS Small Business Innovation Research Program: Engaging Small Businesses to Meet DHS Needs and Achieving Results
The DHS Small Business Innovation Research Program: Engaging Small Businesses to Meet DHS Needs and Achieving Results Thomas A. Cellucci, Ph.D., MBA Director, Office of Public-Private Partnerships Science
More informationCIO and Cyber Security Overview Argonne National Laboratory. Michael A. Skwarek CIO Matthew A. Kwiatkowski CISO Oct. 12, 2011
CIO and Cyber Security Overview Argonne National Laboratory Michael A. Skwarek CIO Matthew A. Kwiatkowski CISO Oct. 12, 2011 Argonne Cyber Security Overview The laboratory cyber security program is mature
More information