Public-Private Cooperation in Cybersecurity Research Strategy Development across the Globe: A View from the U.S. Department of Homeland Security (DHS)
Background
Envision a future... in which universities and companies are free to research and develop new concepts and products protecting their IP and valuable data.
The United States is committed to helping build cybersecurity capacity. Enhancing national-level cybersecurity is also essential to cultivating dynamic, international research communities able to take on next-generation challenges to cybersecurity.
We will further promote collaborative science and technology research to enhance cybersecurity tools and capabilities.
The Broad Homeland Security Enterprise
[Figure: infographic giving organization counts for the sectors of the homeland security enterprise. Sectors labelled: Social Services; Public Works; Utilities; Transportation; health facilities; Media; Colleges & Universities; Chemical, Oil and Gas; Insurance Companies; Fire; LE; EMS; COMM/911; NGOs; Employers; Schools; Federal Agencies; Restoration & Repair; Mental Health Services; Telematics Providers; Veterinarians; Sports Facilities; Doctors Offices, Nursing Homes; State, Tribal, Local Govts; Telecom & IT.]
Cybersecurity Requirements Strategies
[Figure: timeline with columns for 2003, 2008, 2009, 2011, 2012 and 2013. Items named on the timeline: Call for Action; Secure Protocols (DNSSEC, Secure Routing); DETER security testbed; PREDICT data repository; CNCI (Tasks 4 & 9); CSIA IWG; National R&D Roadmap with community input; NICE (Education); NSTIC (Trusted Identities); DHS QHSR; S&T BAA, SBIR, and other solicitations; EO 13636: Improving Critical Infrastructure Cybersecurity; PPD 21: Critical Infrastructure Security and Resilience.]
Cybersecurity Research Requirements
White House/NSS: National Strategy 2003; Comprehensive National Cybersecurity Initiative (CNCI); EO 13636/PPD 21; National CISR R&D Plan; Transition to Practice (TTP); Cyber Economic Incentives Research; National Initiative for Cybersecurity Education (NICE)
State/Local: S&T First Responders Group; First Responder Access Card; SWGDE (FBI)
International Collaborations
Departmental Inputs: QHSR 2009 & 2014; Blueprint; NPPD/CS&C/NCCIC; ICE HSI / IPR; USSS; CBP; USCG; TSA; DHS CIO/CISO Councils
CSD
Interagency Collaboration: Cyber Security and Information Assurance (CSIA) IWG; Cyber-Physical Systems (CPS) SSG; Big Data SSG; Cyber Forensics WG
Critical Infrastructure Sectors (Private Sector): Energy (Oil & Gas, Electric Power); Banking and Finance; Communications/IT; Cross-Sector Cyber Security WG
CSD Mission & Strategy
REQUIREMENTS
CSD MISSION
Develop and deliver new technologies, tools and techniques to defend and secure current and future systems and networks.
Conduct and support technology transition efforts.
Provide R&D leadership and coordination within the government, academia, private sector and international cybersecurity community.
CSD STRATEGY
Trustworthy Cyber Infrastructure; Cybersecurity Research Infrastructure; Network & System Security and Investigations; Cyber Physical Systems; Transition and Outreach
Stakeholders / Outreach Methods (Sampling): Government; IT Security Companies; Technology Demonstrations; Social Media; Venture Capital; Open Source; Speaking Engagements; Media Outreach; International; Program Reviews
S&T International Agreements
Government-to-government cooperative activities for 13 bilateral Agreements:
Canada (2004); Australia (2004); United Kingdom (2005); Singapore (2007); Sweden (2007); Mexico (2008); Israel (2008); France (2008); Germany (2009); New Zealand (2010); European Commission (2010); Spain (2011); Netherlands (2013)

Country: projects; amounts (slide columns: MONEY IN, JOINT, MONEY OUT)
Australia: 3; $300K, $400K
Canada: 11; $1.8M
Germany: 1; $300K
Israel: 2; $100K
Netherlands: 7; $450K, $1.2M, $150K
Sweden: 4; $650K
United Kingdom: 3; $1.0M, $400K, $200K
New Zealand: 1
Japan: 1

FY13-14: Over $6M of International co-funding (leveraging over $70M of U.S. funded efforts)
FY15-16: Anticipating a similar amount, including some new countries
Netherlands / US Co-Investment Models
[Diagram labels: Netherlands, US; Netherlands, US; US, Netherlands]
Ongoing efforts: 1) Modeling Internet Attacks 2) Improving Incident Response Teams 3) Reducing the Challenges to Investments in Private Sector
Ongoing efforts: 1) Process Control Systems/SCADA 2) Mobile malware 3) Cybercrime economic measures
Ongoing efforts: Forensics project
Proposed efforts, BAA projects (2014 call): Mobile Technology Security; Data Privacy; Cyber Physical System Security (CPSSEC); Distributed Denial of Service Defenses
Proposed efforts: Identity, privacy and trust management; Malware and malicious infrastructures; Attack detection, attack prevention and monitoring; Forensics and incident management; Data, Policy and Access Management; Cybercrime and the underground economy; Risk management, Economics, regulation
2016 joint call
Proposed discussions: Human-centered cybersecurity; Internet situational awareness; Cybersecurity Metrics
2014 Broad Agency Announcement
BAA released incl. to participating countries: https://baa2.st.dhs.gov
$95M over 5-year period
The LOGIIC Model of Government & Industry Partnership
Linking the Oil and Gas Industry to Improve Cyber Security
LOGIIC is an ongoing collaboration of oil and natural gas companies and the U.S. Department of Homeland Security, Science and Technology Directorate.
LOGIIC facilitates cooperative research, development, testing, and evaluation procedures to improve cybersecurity in industry digital control systems.
LOGIIC promotes the interests of the sector while maintaining impartiality, the independence of the participants, and vendor neutrality.
LOGIIC Consortium Breaks New Ground
The Automation Federation (AF) serves as the LOGIIC host organization.
Member companies contribute financially and technically, provide personnel who meet regularly to define projects of common interest, and provide staff to serve on the LOGIIC Executive Committee.
Current members of LOGIIC include BP, Chevron, Shell, Total, and other large oil and gas companies that operate significant global energy infrastructure.
LOGIIC Operational Context
[Diagram labels: DHS S&T ($$, Program Management, Subject Matter Expertise, Access to Labs, Testing Facilities, Independent Researchers); ISA Automation Federation (AF) (Legal Framework); Oil & Gas Sector Participating Companies ($$); Project #1 through Project #N; Findings; Current Members; Outreach; CI Owners and Operators; Industry Labs; Vendors; Researchers; Standards Bodies]
Summary
Cybersecurity research is a key area of innovation to support our global economic and national security futures.
CSD continues with an aggressive cyber security research agenda to solve the cyber security problems of our current and future infrastructure and systems:
Ever-increasing speed of technology change;
Scope/complexity of the different areas of the problem;
The balance of near-term versus longer-term R&D.
Will continue strong emphasis on technology transition.
Will impact cyber education, training, and awareness of our current and future cybersecurity workforce.
Will continue to work internationally to find and deploy the best ideas and solutions to real-world problems.
Douglas Maughan douglas.maughan@hq.dhs.gov