Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.



Similar documents
Northrop Grumman Cybersecurity Research Consortium

Monitoring Database Management System (DBMS) Activity for Detecting Data Exfiltration by Insiders

Dr. Starnes E. Walker Founding Director, Cybersecurity Initiative (302)

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

WORKSHOP Rethinking Cyber Security for Industrial Control Systems

Cyber Security Research and Development: A Homeland Security Perspective

TUSKEGEE CYBER SECURITY PATH FORWARD

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC)

The National Consortium for Data Science (NCDS)

Privacy and Security in Healthcare

The Comprehensive National Cybersecurity Initiative

U.S. Army Research, Development and Engineering Command. Cyber Security CRA Overview

Cybersecurity Strategic Talent Management. March, 2012

Bellevue University Cybersecurity Programs & Courses

Douglas M. DePeppe Cyberlaw Attorney

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

Information Technology R&D and U.S. Innovation

Bill Guenther, Chairman, CEO and Founder Mass Insight Global Partnerships. Robert F. Brammer, Ph.D., President and CEO Brammer Technology, LLC

The Case for Support: The Center for Cyber Security Studies at the U. S. Naval Academy

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014

KUDELSKI SECURITY DEFENSE.

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #50

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics

Cybersecurity Delivering Confidence in the Cyber Domain

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Today s Global Cyber Security Status and Trustworthy Systems That Leverage Distrust Amongst Sovereigns

Visualization, Modeling and Predictive Analysis of Internet Attacks. Thermopylae Sciences + Technology, LLC

Appendix A: Gap Analysis Spreadsheet. Competency and Skill List. Critical Thinking

Bachelor of Information Technology

Department of Information Systems and Cyber Security

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

Principles of Information Assurance Syllabus

Bachelor of Games and Virtual Worlds (Programming) Subject and Course Summaries

EL Program: Smart Manufacturing Systems Design and Analysis

Capacity Building in Cyber Security Literacy: An Inter-disciplinary Approach

Good morning. It is a pleasure to be with you here today to talk about the value and promise of Big Data.

CyberSecurity Solutions. Delivering

MEDIA, TECHNOLOGY, AND INFORMATION LAW. Yale Law School

IEEE-Northwest Energy Systems Symposium (NWESS)

[STAFF WORKING DRAFT]

David G. Belanger, PhD, Senior Research Fellow, Stevens Institute of Technology, New Jersey, USA Topic: Big Data - The Next Phase Abstract

Computer Scientist. Conduct research in latest computer and network security technologies for high assurance system security solutions

Data Analytics & Information Security

How To Understand And Understand Cyber Security

Rethinking Cyber Security for Industrial Control Systems (ICS)

Cyber-Physical System Security of the Power Grid

White Paper: Leveraging Web Intelligence to Enhance Cyber Security

CENTRE FOR STRATEGIC CYBERSPACE + SECURITY SCIENCE LEADERSHIP. RESEARCH. DEFENCE.

Modeling and Simulation (M&S) for Homeland Security

( 4EC C11392)

National Cyber Security Framework and Protocol. for securing digital information in networked critical infrastructures and communications

Department of Information Management

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

Department of Information and Technology Management

Georgia Tech Cybersecurity Leadership Certificate Program July 25 29, 2016

2. Cyber security research in the Netherlands

National Cyber Security Strategies: United States

Certified Cyber Security Analyst VS-1160

The Geospatial Approach to Cybersecurity: An Executive Overview. An Esri White Paper January 2014

SCADA/ICS Security in an.

FEDERAL RÉSUMÉ. Client Name PROFILE SUMMARY

Cyber Security Research and Development a Homeland Security Perspective

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

Cybersecurity: Mission integration to protect your assets

Actions and Recommendations (A/R) Summary

MISSION-ESSENTIAL INTELLIGENCE AND CYBER SOLUTIONS

National Initiative for Cyber Security Education

An Overview of Large US Military Cybersecurity Organizations

ARI 26/2013 (Translated from Spanish) 17 September Cyber cells: a tool for national cyber security and cyber defence

Introduction to Cybersecurity Overview. October 2014

CYBER PANEL MEMBERS. Mr. Hart is a member of the United States Air Force Senior Executive Service with over fifteen years service as an SES.

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) $124,250,000 +$1,500,000 / 1.2%

CYBERINFRASTRUCTURE FRAMEWORK FOR 21 ST CENTURY SCIENCE, ENGINEERING, AND EDUCATION (CIF21)

Preventing and Defending Against Cyber Attacks June 2011

Information Systems and Tech (IST)

NICE and Framework Overview

Protecting critical infrastructure from Cyber-attack

Oil & Gas Cybersecurity

Guidelines for Establishment of Contract Areas Computer Science Department

CYBERINFRASTRUCTURE FRAMEWORK FOR 21 st CENTURY SCIENCE AND ENGINEERING (CIF21)

Courtesy Voicu Popescu

Cyber Security Awareness Workshop

Transcription:

Panel on Emerging Cyber Security Technologies Robert F. Brammer, Ph.D., VP and CTO Northrop Grumman Information Systems Panel Moderator 27 May 2010

Panel on Emerging Cyber Security Technologies Robert F. Brammer, Panel Moderator Introduction Good morning. My name is Bob Brammer, and I am the VP and Chief Technology Officer for Northrop Grumman s Information Systems Sector. It is my pleasure to be the moderator for this Panel on Emerging Cyber Security Technologies. This is clearly an important and timely subject. Given all of the threats and challenges that we have been discussing at this Cyberspace Symposium, we certainly need significant new technology developments to help to meet the objective of this symposium Ensuring Commander s Freedom of Action in Cyberspace. We have a strong panel to discuss this topic this morning, with representation from government, academia, and industry. Each of our panel members works with advanced developments in cybersecurity technology every day. We have organized this session so that each panel member will have about 10 minutes for prepared remarks on their work with emerging cybersecurity technologies. Then we will open the floor for questions from the audience for about 20 minutes. There should be enough insight from the panel members to help us all understand which emerging technologies will be significant in meeting our objective, distinguishing these technologies from others, unsuccessful, that may be described as submerging technologies. The technologies that we will discuss this morning are not only computer hardware, software, and networking, but also architectural concepts, mathematical algorithms, and psychological and economic models. Considered fully, cybersecurity is a multidisciplinary field that requires a broad range of expertise to advance. You will find that diversity in the members of this panel, whose expertise includes research in military cyber systems and operations, realtime cybersecurity, biologically inspired cybersecurity, social aspects of computing, and many other areas. Emerging Cyber Security Technologies Cybersecurity has become a national priority. In May of last year, President Obama, in announcing the results of the White House Cyberspace Review, said it's now clear this cyber threat is one of the most serious economic and national security challenges we face as a nation.

It's also clear that we're not as prepared as we should be, as a government or as a country. In recent years, some progress has been made at the federal level. But just as we failed in the past to invest in our physical infrastructure -- our roads, our bridges and rails -- we've failed to invest in the security of our digital infrastructure. Consistent with this national priority, cybersecurity is a major priority in Northrop Grumman s research program. To build the program, we use information gathered from a wide variety of sources. These sources include our customers and their operations, cyber threat analyses performed by external and internal sources, major global IT and telecommunications firms, niche and start-up technology companies, research universities, venture capital organizations, and industry analysts. In some cases, we establish cooperative R&D agreements, in others we work on contract R&D projects, and we fund joint projects with leading research universities. Our research investments include a portfolio of short-term, mid-term, and longterm projects. We work closely with our customers in cybersecurity research. We have worked for years with many US government agencies on the development of state of the art cybersecurity systems. These customers include defense, intelligence, and civil federal agency customers in both large-scale operations and in advanced research. In particular, we have had the privilege of working with Mike VanPutte at DARPA, who is on our panel today, on some of his projects, including the National Cyber Range and the Dynamic Quarantine of Worms. Northrop Grumman has also been very active in the OSTP-sponsored National Cyber Leap Year Summit and the follow-on activities. The National Cyber Leap Year event in August 2009 addressed point #9 in the President s announcement by focusing on stimulating activities to develop leap ahead technologies to solve our cybersecurity challenges. Northrop Grumman has made significant research investments to address these challenges. For example, last year we established our Northrop Grumman Cybersecurity Research Consortium including Carnegie Mellon, MIT, and Purdue to help us develop some of these leap-ahead technologies. Our research in this consortium spans many areas of cybersecurity, defined as protection of information and information systems on networks. These areas include hardware and software security, privacy, simulation of cyber attacks and defenses, protection of critical national infrastructures, and others. We have initiated ten projects at the universities with complementary research projects at NGC. We conduct this research in consortium labs across the US. The three university members of this panel are all principal investigators or research directors in the Northrop Grumman Cybersecurity Research Consortium.

With some of the university research projects, we want to take a longer-range view. In particular, we are working to develop a deeper understanding of cyberspace. There has been some discussion in this Symposium about how cyberspace is the fifth domain of military operations, complementing land, ocean, air, and space. Because of the significance of the assets in cyberspace, it is clear that there are many reasons for a major military presence in cyberspace. However, cyberspace is very different from the other four domains in important respects. In particular, physical laws, of which we have some significant understanding, govern the other four domains. Cyberspace is synthetic, and we do not yet have a theory of the physics of cyberspace. We do not yet have the analogs of Newton and Einstein who can develop a significant theoretical framework for cyberspace developments. However, in the meantime, we are doing some very important cyberspace research, while we are working to build a general theory of cyberspace and cybersecurity. To organize our cybersecurity research, Northrop Grumman has developed a research agenda that includes a broad range of relevant topics. We will continue to extend this agenda as we do the research and perform large-scale cybersecurity operations for our customers and our own network. Northrop Grumman s Research Agenda Using the information that we gather from all of the above sources, we have developed a detailed cybersecurity research agenda. This research agenda contains eight major categories. Each category has several subcategories, leading to 75 categories in all. We invest in many of these areas and track developments in all of them through our research projects and our Strategic Technology Partnership Program. The eight major cybersecurity investment areas in our research agenda are: 1. Foundations for Cybersecurity e.g., secure hardware, firmware, and software engineering, massive information management and analytics, multilevel-security and cross-domain solutions, cyberspace situational awareness at multiple organizational levels, 2. Cyber Security and Information Assurance Characterization and Assessment - - e.g., certification and accreditation, quality assessment, security metrics, 3. Cybersecurity for Internet and Control System Infrastructure e.g., secure networking protocols, telecom and SCADA security, 4. Functional Cybersecurity supply chain management, identity management, security operations center management, real-time forensics,

5. Domain-Specific Cybersecurity -- Part of these domains are not connected to the Internet, but there are significant cybersecurity issues to be addressed notwithstanding tactical and airborne military networks, power grid, health information systems and privacy, 6. Cyberattack and Cyberexploitation e.g., technology and operational issues, 7. Next-Generation Systems and Architectures e.g., moving target architectures, tagged architectures, converged network, storage, and server protocols and operations, secure green IT, quantum computing, 8. Social Dimensions of Cyber Security cybersecurity economics, ethics and trust on the Internet, international law and policies, We see some promising emerging technologies in many of these areas. However, substantial work by government, industry, and academia is needed to realize the potential of these technologies for large-scale implementations that will have national impact. Our panelists this morning will describe some specific examples of these emerging technologies. Panel Members I will introduce the panel members in alphabetical order. The first panel member is Dr. David Brumley. David is a professor in Carnegie Mellon s Department of Electrical and Computer Engineering. His research includes the automatic analysis of binary code for security vulnerabilities. David has multiple patents and best paper awards for his research in computer security. The second panel member is Dr. Tom Knight. Tom is a Senior Research Scientist in MIT s Computer Science and Artificial Intelligence Laboratory. Tom is working on the development of computing technology based on biological concepts, which is a very active research area for new concepts in cybersecurity. Tom has been nominated by the Institute of Engineering and Technology as one of the Top 25 most influential people in engineering and technology today. He is also a Fellow of the American Association for the Advancement of Science. The third panel member is Dr. Eugene Spafford. Spaf is a professor of Computer Science at Purdue University and Director of Purdue s Center for Research in Information

Assurance and Security (CERIAS). Under his leadership, CERIAS has become the largest academic cybersecurity research center, graduating more than 25% percent of the cybersecurity PH.D s in the last ten years. His current research includes many issues in computer and network security, including computer crime and ethics, and the social impacts of computing. He has received many awards, including the Meritorious Civilian Service Award from the USAF for his work on the Air Force Scientific Advisory Board, the IEEE Computer Society Award for excellence in information security education, and the President s Award from the Association for Computing Machinery. The fourth panel member is Dr. Michael VanPutte. Mike is a Program Manager in DARPA s Strategic Technology Office. Dr. VanPutte manages the DARPA Cyber Defense Program responsible for conceptualizing and managing a diverse portfolio of high risk and high payoff computer security and cyber warfare programs that include the National Cyber Range, Dynamic Quarantine of Worms, Scalable Network Monitoring, and the Cyber Genome Program focused on revolutionizing cyber security and cyber scientific experimentation. Before joining DARPA, Mike was a career Army officer and had many significant assignments, including being the Deputy Director of the Joint Task Force on Global Network Operations and the Chief of the Knowledge Engineering Group at the Army War College. Northrop Grumman s Information Systems Sector is a $10B information systems integration organization and one of the largest providers of security systems and services to the US public sector. As the CTO, I am responsible for the technology strategy and the internal research program. Cybersecurity is a major priority in our research program, and we are investing significantly in many of the areas that our panelists describe in this panel discussion.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information