Benefits of Collaborative Science and Innovation - Improve Cyber Security

Similar documents
DHS S&T Cyber Security R&D Programs

DHS S&T Cyber Security Division (CSD) Strategic Vision

Cyber Security Division Overview

DHS S&T Cyber Security Division (CSD) Overview

Mary Ellen Seale National Protection and Programs Directorate May 16, 2012

Preventing and Defending Against Cyber Attacks November 2010

Cyber Security Division FY 2012 Annual Report

Cyber Security Research and Development a Homeland Security Perspective

Presentation to the Control Systems Security Outreach Coordination Meeting. Mark P. Morgan Lori Ross O Neil July 24, 2007

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

Homeland Open Security Technology HOST Program

Actions and Recommendations (A/R) Summary

DHS S&T Cyber Security Division (CSD) Overview

DHS S&T Cyber Security Division (CSD) Overview

US Federal Cyber Security Research Program November 15, 2012 New England Advanced Cyber Security Center Workshop Bill Newhouse (NIST)

Preventing and Defending Against Cyber Attacks June 2011

DHS S&T Cyber Security R&D Program

Preventing and Defending Against Cyber Attacks October 2011

An Update from Washington Cybersecurity / R&D

US Federal Cyber Security Research Program. NITRD Program

Cyber Security Implications of SIS Integration with Control Networks

NASCIO 2014 State IT Recognition Awards

The Comprehensive National Cybersecurity Initiative

Toward a Federal Cybersecurity Research Agenda: Three Game-changing Themes

Testimony of. Cita M. Furlani Director

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) $124,250,000 +$1,500,000 / 1.2%

Capabilities for Cybersecurity Resilience

Cyber Security Research and Development: A Homeland Security Perspective

DHS. CMSI Webinar Series

SCADA Security Training

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for K-12 Education

Integrating Cybersecurity with Emergency Operations Plans (EOPs) for Institutions of Higher Education (IHEs)

CyberSkills Management Support Initiative

Towards defining priorities for cybersecurity research in Horizon 2020's work programme Contributions from the Working Group on Secure ICT

The Cybersecurity Research Alliance

Why Cybersecurity Matters in Government Contracting. Robert Nichols, Covington & Burling LLP

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC)

ICS-CERT Year in Review. Industrial Control Systems Cyber Emergency Response Team. National Cybersecurity and Communications Integration Center

Critical Infrastructure Security and Resilience

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

DHS S&T Cyber Security Division (CSD) PREDICT Overview

Participants: Introduction:

DHS, National Cyber Security Division Overview

Outline. Who conducts research related to CIIP in the U.S.? Universities. What is Critical Information Infrastructure? Who sponsors this research?

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

In December 2011, the White House Office of Science. Introducing the federal cybersecurity R&D strategic plan. Leaping ahead on cybersecurity

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014

Written Testimony. Dr. Andy Ozment. Assistant Secretary for Cybersecurity and Communications. U.S. Department of Homeland Security.

NIST Cybersecurity Framework. ARC World Industry Forum 2014

Middle Class Economics: Cybersecurity Updated August 7, 2015

How To Transition Research Into Practice

AT&T Cybersecurity Policy Overview

Cybersecurity at the Nexus of a Hyper- Connected World

National Initiative for Cybersecurity Education

Testimony of. Kevin Stine. Leader, Security Outreach and Integration Group. Computer Security Division. Information Technology Laboratory

Cyber Incident Annex. Cooperating Agencies: Coordinating Agencies:

I N T E L L I G E N C E A S S E S S M E N T

PREPUBLICATION COPY. More Intelligent, More Effective Cybersecurity Protection

CyberSecurity Solutions. Delivering

How To Write A Cybersecurity Framework

TAZEEM PASHA MANAGER, BUSINESS RETENTION AND EXPANSION SELECTUSA U.S. DEPARTMENT OF COMMERCE

Computer Network Security & Privacy Protection

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, 2014 Utilities Telecom Council

Statement for the Record of

RISK AND RESILIENCE $58,000,000 +$38,000,000 / 190.0%

Introduction. Opening Presentation. 1

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity;

ITU National Cybersecurity/CIIP Self-Assessment Toolkit. Background Information for National Pilot Tests

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative

MESSAGE FROM THE SECRETARY... ii EXECUTIVE SUMMARY... iii INTRODUCTION... 1 THE FUTURE WE SEEK... 5

SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015

Cybersecurity Delivering Confidence in the Cyber Domain

How To Prevent Cyber Crime

THE 411 ON CYBERSECURITY, INFORMATION SHARING AND PRIVACY

National Security & Homeland Security Councils Review of National Cyber Security Policy. Submission of the Business Software Alliance March 19, 2009

CONSULTING IMAGE PLACEHOLDER

Achieving Global Cyber Security Through Collaboration

National Cybersecurity & Communications Integration Center (NCCIC)

Cyber Security Strategy(Information Security Policy Council, June 10, 2013)

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

THE WHITE HOUSE Office of the Press Secretary. FACT SHEET: Administration Cybersecurity Efforts 2015

National Initiative for Cyber Security Education

Cybersecurity Competence Building Trends

Privacy and Security in Healthcare

Government Research Needs: Who Funds What?

Global Cyber Range (GCR) Empowering the Cybersecurity Professional (CyPro)

Cloud Cyber Incident Sharing Center (CISC) Jim Reavis CEO, Cloud Security Alliance

Cybersecurity on a Global Scale

ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT

NICE and Framework Overview

I3P SCADA Security Research Plan

Agenda. Company Platform Customers Partners Competitive Analysis

June 9, Dear Colleagues:

National Cyber Security Strategies: United States

Department of Homeland Security

Department of Homeland Security Federal Government Offerings, Products, and Services

Cybersecurity Framework. Executive Order Improving Critical Infrastructure Cybersecurity

Department of Homeland Security Science & Technology

RESILIENCE AGAINST CYBER ATTACKS Protecting Critical Infrastructure Information

Sources of Funding Cyber Security Research

Transcription:

Public-Private Cooperation in Cybersecurity Research Strategy Development across the Globe A View from the U.S. Department of Homeland Security (DHS)

Background Envision a future... in which universities and companies are free to research and develop new concepts and products protecting their IP and valuable data The United States is committed to helping build cybersecurity capacity. Enhancing national-level cybersecurity is also essential to cultivating dynamic, international research communities able to take on nextgeneration challenges to cybersecurity We will further promote collaborative science and technology research to enhance cybersecurity tools and capabilities

The Broad Homeland Security Enterprise Departments 14,800 Social Services 210,427 327 Public Works ~24,000 Utilities 16,960 Transportation 217,926 and similar health facilities 5,000 Media 14,650 Colleges & Universities 6,900 61 178 4,360 Chemical, Oil and Gas 2,500 Insurance Companies 440 308,500 178 5,815 Fire - 30,125 LE - 17,985 34 National 24K stations NGOs >1.5 million EMPLOYERS 7,601,160 47 EMS - 21,283 COMM/911 6,153 19,902 10,000 Schools 132,656 170 Federal Agencies 16,960 3,637 1,120 3,479 Restoration & Repair 402,440 Mental Health Services 15,000 Telematics Providers 16,960 Veterinarians 21,731 Sports Facilities 1,965 Doctors Offices, Nursing Homes 19,286 State, Tribal, Local Govts 39,3130 Telecom & IT 11,000 3

Cybersecurity Requirements Strategies 2003 2008 2009 2011 2012 2013 Call for Action Secure Protocols DNSSEC Secure Routing DETER security testbed PREDICT data repository CNCI S&T Produced CNCI Tasks 4&9 Implementation EO 13636: - Call for NICE National R&D S&T led via cochair of CSIA accomplish goals plan to Improving (Education) Roadmap with Critical - Call for NSTIC community input IWG of DHS QHSR Infrastructure (Trusted Source for DHS Significant interagency activities capabilities 24 high priority Cybersecurity Identities) S&T BAA, SBIR, PPD 21: - Reinforce need and other initiated by needed NPPDled, S&T involved Critical for PREDICT solicitations WH/NSS/OSTP Infrastructure data repository Security and Resilience 4

Cybersecurity Research Requirements White House/NSS National Strategy 2003 Comprehensive National Cybersecurity Initiative (CNCI) EO 13636/PPD 21 National CISR R&D Plan Transition to Practice (TTP) Cyber Economic Incentives Research National Initiative for Cybersecurity Education (NICE) State/Local S&T First Responders Group First Responder Access Card SWGDE (FBI) International Collaborations Departmental Inputs QHSR 2009 & 2014 Blueprint NPPD/CS&C/NCCIC ICE HSI / IPR USSS CBP USCG TSA DHS CIO/CISO Councils CSD Interagency Collaboration Cyber Security and Information Assurance (CSIA) IWG Cyber-Physical Systems (CPS) SSG Big Data SSG Cyber Forensics WG Critical Infrastructure Sectors (Private Sector) Energy (Oil & Gas, Electric Power) Banking and Finance Communications/IT Cross-Sector Cyber Security WG 5

CSD Mission & Strategy REQUIREMENTS CSD MISSION Develop and deliver new technologies, tools and techniques to defend and secure current and future systems and networks Conduct and support technology transition efforts Provide R&D leadership and coordination within the government, academia, private sector and international cybersecurity community CSD STRATEGY Trustworthy Cyber Infrastructure Cybersecurity Research Infrastructure Network & System Security and Investigations Cyber Physical Systems Transition and Outreach Stakeholders Outreach Methods (Sampling) Government IT Security Companies Technology Demonstrations Social Media Venture Capital Open Source Speaking Engagements Media Outreach International Program Reviews

S&T International Agreements Government-to-government cooperative activities for 13 bilateral Agreements Canada (2004) Australia (2004) United Kingdom (2005) Singapore (2007) Sweden (2007) Mexico (2008) Israel (2008) France (2008) Germany (2009) New Zealand (2010) European Commission (2010) Spain (2011) Netherlands (2013) COUNTRY PROJECTS MONEY IN JOINT MONEY OUT Australia 3 $300K $400K Canada 11 $1.8M Germany 1 $300K FY13-14: Over $6M of International Israel 2 $100K co-funding (leveraging over $70M of Netherlands 7 $450K $1.2M $150K U.S. funded efforts) Sweden 4 $650K FY 15-16: Anticipating a similar United Kingdom 3 $1.0M $400K $200K amount, including some new countries New Zealand 1 Japan 1

Netherlands / US Co-Investment Models Netherlands US Netherlands US US Netherlands Ongoing efforts 1) Modeling Internet Attacks 2) Improving Incident Response Teams 3) Reducing the Challenges to Investments in Private Sector. Ongoing efforts 1) Process Control Systems/SCADA 2) Mobile malware 3) Cybercrime economic measures. Ongoing efforts Forensics project Proposed efforts BAA projects (2014 call) o o o o Mobile Technology Security Data Privacy Cyber Physical System Security (CPSSEC) Distributed Denial of Service Defenses Proposed efforts Identity, privacy and trust management Malware and malicious infrastructures Attack detection, attack prevention and monitoring Forensics and incident management Data, Policy and Access Management Cybercrime and the underground economy Risk management, Economics, regulation 2016 joint call Proposed discussions Human-centered cybersecurity Internet situational awareness Cybersecurity Metrics

2014 Broad Agency Announcement BAA released incl. to participating countries: https://baa2.st.dhs.gov $95M over 5 year period 9

The LOGIIC Model of Government & Industry Partnership Linking the Oil and Gas Industry to Improve Cyber Security LOGIIC is an ongoing collaboration of oil and natural gas companies and the U.S. Department of Homeland Security, Science and Technology Directorate. LOGIIC facilitates cooperative research, development, testing, and evaluation procedures to improve cybersecurity in industry digital control systems. LOGIIC promotes the interests of the sector while maintaining impartiality, the independence of the participants, and vendor neutrality

LOGIIC Consortium Breaks New Ground The Automation Federation (AF) serves as the LOGIIC host organization Member companies contribute financially and technically, provide personnel who meet regularly to define projects of common interest, and provide staff to serve on the LOGIIC Executive Committee. Current members of LOGIIC include BP, Chevron, Shell, Total, and other large oil and gas companies that operate significant global energy infrastructure.

LOGIIC Operational Context DHS S&T $$ Program Management Subject Matter Expertise Access to Labs Testing Facilities Independent Researchers Project #1 Project #2 ISA Automation Federation (AF) (Legal Framework) Oil & Gas Sector Participating Companies Project #3 Project #4 Project #N $$ Findings Current Members Outreach CI Owners and Operators Industry Labs Vendors Researchers Vendors Standards Bodies

Summary Cybersecurity research is a key area of innovation to support our global economic and national security futures CSD continues with an aggressive cyber security research agenda to solve the cyber security problems of our current and future infrastructure and systems Ever-increasing speed of technology change Scope/complexity of the different areas of the problem The balance of near-term versus longer-term R&D Will continue strong emphasis on technology transition Will impact cyber education, training, and awareness of our current and future cybersecurity workforce Will continue to work internationally to find and deploy the best ideas and solutions to real-world problems

Douglas Maughan douglas.maughan@hq.dhs.gov

Douglas Maughan douglas.maughan@hq.dhs.gov

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information