Homeland Open Security Technology (HOST)



Similar documents
Homeland Open Security Technology HOST Program

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, DC

National Initiative for Cybersecurity Education

Open Source Software (OSS) and Total Cost of Ownership (TCO)

Preventing and Defending Against Cyber Attacks November 2010

Gaming System Monitoring and Analysis Effort

STATEMENT OF. Dr. David McClure Associate Administrator Office of Citizen Services and Innovative Technologies General Services Administration

Risk Management Framework (RMF): The Future of DoD Cyber Security is Here

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

National Initiative for Cybersecurity Careers and Studies (NICCS) Cybersecurity Training and Education Catalog Training Provider Instruction Guide

BlacKnight. Cyber Security international A BUSINESS / MARKETING PRESENTATION

An Overview of Large US Military Cybersecurity Organizations

NICE and Framework Overview

Security Authorization Process Guide

2) trusted network, resilient against large scale Denial of Service attacks

December 8, Security Authorization of Information Systems in Cloud Computing Environments

How to use the National Cybersecurity Workforce Framework. Your Implementation Guide

Preventing and Defending Against Cyber Attacks June 2011

Security Certification & Accreditation of Federal Information Systems A Tutorial

RED HAT ENTERPRISE LINUX 6 SECURITY TECHNICAL IMPLEMENTATION GUIDE (STIG) OVERVIEW. Version 1, Release July 2015

CyberSkills Management Support Initiative

Cybersecurity in the States 2012: Priorities, Issues and Trends

National Initiative for Cyber Security Education

Introduction to NICE Cybersecurity Workforce Framework

CyberSecurity Solutions. Delivering

Empowering IT Acquisitions

A Guide to Open Source Transformation Services. How and Why Organizations are Making the Move to Open Source

Participants: Introduction:

Middle Class Economics: Cybersecurity Updated August 7, 2015

Testimony of. Before the United States House of Representatives Committee on Oversight and Government Reform And the Committee on Homeland Security

Securing the Electric Grid with Common Cyber Security Services Jeff Gooding

FedVTE Training Catalog SPRING advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Consolidated Afloat Networks and Enterprise Services (CANES)

Modeling and Simulation (M&S) for Homeland Security

Building Security In:

Strategic Progress Update July 2014 March 2015

Information System Security Officer (ISSO) Guide

NIST Cyber Security Activities

National Cyber Security Awareness Month. Week Five: Building the Next Generation of Cyber Professionals

Taking the Open Source Road

TRANSATLANTIC CYBER SECURITY SUMMIT

DHS S&T Cyber Security Division (CSD) Overview

The Comprehensive National Cybersecurity Initiative

What is Open Source? Open source is defined by three key components:

FOSSBazaar A Governance Initiative to manage Free and Open Source Software life cycle

The Imperative for High Assurance Credentials: State Identity Credential and Access Management (SICAM) Guidance and Roadmap

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

Cyber R &D Research Roundtable

Cloud Security. A Sales Guy Talks About DoD s Cautious Journey to the Public Cloud. Sean Curry Sales Executive, Aquilent

Global Cyber Range (GCR) Empowering the Cybersecurity Professional (CyPro)

Open Source Software for Cyber Operations:

DHS S&T Cyber Security Division (CSD) Overview

Cyber Security Division FY 2012 Annual Report

NASA OFFICE OF INSPECTOR GENERAL

FedVTE Training Catalog SUMMER advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

In Response to Section 942 of the National Defense Authorization Act for Fiscal Year 2014 (Public Law ) Terry Halvorsen DoD CIO

NASCIO 2014 State IT Recognition Awards

A. This Directive applies throughout DHS, unless exempted by statutory authority.

Computer and Network Security in Higher Education

Cloud Cyber Incident Sharing Center (CISC) Jim Reavis CEO, Cloud Security Alliance

The Computerworld Honors Program

Big Data Platform (BDP) and Cyber Situational Awareness Analytic Capabilities (CSAAC)

Cyber Security Division Overview

Open Source in Government: Delivering Network Security, Flexibility and Interoperability

How To Improve The Defense Communications System

How to Use the Federal Risk and Authorization Management Program (FedRAMP) for Cloud Computing

Identity, Credential, and Access Management. An information exchange For Information Security and Privacy Advisory Board

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C

Software Sustainability Challenges for Acquisition, Engineering, and Capability Delivery in the Face of the Growing Cyber Threat

CIO and Cyber Security Overview Argonne National Laboratory. Michael A. Skwarek CIO Matthew A. Kwiatkowski CISO Oct. 12, 2011

Cybersecurity in Test & Evaluation. James S. Wells Deputy Director, Cyberspace & HSE Programs Office of Test & Evaluation

University of Maryland University College: Master of Science in Digital Forensics and Cyber Investigation

Joint Information Environment Single Security Architecture (JIE SSA)

Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems

FAA Cloud Computing Strategy

Building The Bridge Across The Great Minority Cyber Divide

Chairman Johnson, Ranking Member Carper, and Members of the committee:

Complying with the Federal Information Security Management Act. Parallels with Sarbanes-Oxley Compliance

DoD CIO s 10-Point Plan for IT Modernization. Ms. Teri Takai DoD CIO

SECTION C: DESCRIPTION/SPECIFICATIONS/WORK STATEMENT

Transcription:

CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING Homeland Open Security Technology (HOST) Daniel Massey Program Manager CSD September 16, 2013

Connecting GovIT with Open Security Solutions Original Slide Design Stolen From Dr. Doug Maughan, Circa 2000. Open Security Solutions GovIT Deployment Research HOST Transition to Commercialization

CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING Homeland Open Security Technology (HOST) Georgia Tech Research Institute Joshua L. Davis September 16, 2013

Performers 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 3

Need for Innovation across the Homeland Security Enterprise Cybersecurity threats to the Homeland Security Enterprise are ever increasing while Government IT is expensive and slow to adapt. NEED: Affordable, adaptable, and timely innovation is needed. Cybersecurity innovation from government research is not transitioning to the market quickly enough. NEED: Alternative approaches to commercialization are needed to increase discoverability of and accessibility to these innovations. 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 4

Approach Open Source Software (OSS) Software for which the human-readable source code is available for use, study, re-use, modification, enhancement, and re-distribution by the users of that software. Reference: 16 October 2009 memorandum from the DoD CIO, "Clarifying Guidance Regarding Open Source Software (OSS) ==!= Free Software, Libre Software, Free Software, Open Source Software (FOSS or F/OSS), Free/Libre/Open Source Software (FLOSS) Non-Commercial Software, Freeware, Open Architecture, Open System, Open Interface/Standard/Format, Shareware Open Security Application of open source software (OSS) approaches to help solve cyber security problems In short, open security improves security through collaboration. Reference: http://en.wikipedia.org/wiki/open_security 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 5

Homeland Open Security Technology The mission of the Homeland Open Security Technology (HOST) program is to investigate open security methods, models and technologies and identify viable and sustainable approaches that support national cyber security objectives. The foundational technology for the purposes of HOST is based on open source software. Discovery Collaboration Investments 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 6

Discovery Discover questions & problems relating to Open Security Discover answers & solutions Let others know what we ve discovered OSS in Government Open security definition Frequently Asked Questions (FAQ) Various case studies, e.g. OpenSSL, OSS Forensics Outreach and training 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 7

Collaboration Communications, Community, and Outreach Open Security Community Open-Sec.org BSides OSS Government Open Source Conference DHS OSS Policy OpenCyberSecurity.org Open security OSS ecosystem 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 8

http://opencybersecurity.org 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 9

Investments Domains or technologies needing push/refresh Certifications, accreditations, and validations Proof of concepts and prototyping Current Investments: Open Information Security Foundation Suricata IDS OpenSSL FIPS 140-2 Validation Open Web Application Security Guidebook Project City of Portland IDS/IPS Pilot Project Trusted Code Initiative Seed and collaborative investments Peer reviewed applications Shared as case studies 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 10

Benefits Governments Increase discovery and accessibility to innovative cybersecurity technologies Potential commoditization of effective cybersecurity through economics of scale Innovators Active support in transitioning technologies to open source software An evolving and growing open security market Opportunities for collaborative innovation OSS and Security Communities Alternative resources for government market requirements Increased awareness of government cybersecurity technologies Opportunities for collaborative innovation 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 11

Current Status Open Security defined Discovery - Initial research approved for publication, multiple case studies complete, multiple outreach opportunities Collaboration - OpenCyberSecurity.org almost ATOed, 250 open security technologies cataloged, Open-Sec Community established, multiple outreach opportunities Investments - Suricata transitioned, multiple investments in progress and almost complete, call for 2013 investments closed 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 12

Next Steps Discovery - Continue FAQ update and maintain, start development of How to use OSS in the government, continued outreach, video documentation Collaboration - Engage DHS S&T Innovators, Engage DHS about OSS policy, launch OpenCyberSecurity.org, refresh open security catalog, GOSCON in Portland, OR (state & local), BSides OSS in DC (federal and industrial base), continued outreach, integrate with SWAMP Investments - Council of peers review applications, manage current investments, complete case studies, continue application processing 9/16/13 CYBER SECURITY DIVISION 2013 PRINCIPAL INVESTIGATORS MEETING 13

Homeland Open Security Technology (HOST) DISCOVERY David A. Wheeler IDA dwheeler@ida.org COLLABORATION Joshua L. Davis Georgia Tech josh.davis@gtri.gatech.edu Homeland Open Security Technology Should I open source? I want to open source. I already open sourced! INVESTMENTS Deb Bryant Bryant Group, LLC deborah@debbryant.com 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information