Wanted By DHS: Breakout Ideas On Domestic Cybersecurity - InformationWeek
Government // Cybersecurity
09:06 AM

Wanted By DHS: Breakout Ideas On Domestic Cybersecurity

Department of Homeland Security plans to fund cyber defense research efforts to develop pragmatic tools that can be deployed quickly, says Forrester.

 Government Data + Maps: 10 Great Examples
Government Data + Maps: 10 Great Examples
(Click image for larger view and slideshow.)

Companies, universities, and other entities that have existing but unfunded, innovative cyber security projects should take advantage of new funding from the Homeland Security Department to advance their research, according to a new report from Forrester Research of Cambridge, Mass.

The DHS cyber research effort comes at a time when cyber attacks by well-funded crime groups around the globe and hostile nation-states are on the rise, and there is a shortage of funding for technologies to help vital sectors of the economy combat a daily barrage of attacks.

Although there are dozens of legislative proposals for cyber security before Congress, no meaningful cyberbreach legislation is being considered at the moment, according to report author Ed Ferrara, Forrester's principal analyst serving Security & Risk Professionals.

[How do ex-military and ex-hackers approach cybersecurity? Read Hacker Or Military? Best Of Both In Cyber Security.]

"At the tactical agency level... this particular effort is a bright spot in a pretty bleak governmental landscape," Ferrara said. "It's not nearly enough, but it is certainly a step in the right direction."

The department earlier this year issued a broad agency announcement seeking targeted research and development for innovative cyber security tools. DHS has $95 million that it will disburse in multiple phases over the next three to five years, according to government documents.

(Source: geralt, Pixabay)
(Source: geralt, Pixabay)

DHS wants pragmatic tools that can be deployed rapidly to boost the security of public and private organizations that are part of the nation's critical infrastructure, including financial, energy, healthcare, and other sectors.

The first phase of the funding is available for tools in four key domains: data and privacy, distributed denial of service, mobile security, and cyber and physical system integration. Forrester provided more details on what's needed in each domain:

Data privacy and security
DHS seeks methods to boost privacy controls that protect individuals' personal information. To achieve this goal, the department is interested in tools and concepts related to privacy compliance, privacy-preserving federated search capabilities, and mobile computing privacy.

Distributed denial of service
The department wants to develop ways to measure such attacks, enhance communications among affected parties, drive the adoption of existing technologies to mitigate DDoS attacks, and fund the further development of DDoS defense technologies.

Mobile security
DHS wants ideas that address a number of pressing needs. One need is instrumentation for mobile devices that can authenticate users and also perform risk-based assessments on the use of the device. Other needs include a secure approach for accessing mobile device data, new security management tools for mobile devices, and innovative approaches for protecting the component layers of devices from malicious applications.

Cyber and physical integration
DHS wants tools and concepts that address secure system design, and experimental and pilot implementations of such integrated cyber and physical security systems.

Ideally, organizations benefiting from advances in integrated cyber and physical security would be able to deploy them for building and system access, enhanced payment system security, and other applications that require multifactor authentication, according to Forrester.

"Things are getting worse," Ferrara said. "The number of attacks is up, the severity of the attacks is up, and the visibility of the attacks is up. You never saw things like this on the front pages [before], and now it is front page news."

Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge. Get the new Flexibility Equals Strength issue of InformationWeek Government Tech Digest today. (Free registration required.)

William Welsh is a contributing writer to InformationWeek Government. He has covered the government IT market since 2000 for publications such as Washington Technology and Defense Systems. View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
9/3/2014 | 9:58:19 AM
Cybersecurity & EAS
Currently the internet and local resources are the only means of addressing cybersecurity issues. However digital broadcasting, particularly TV, is an alternative that can deliver data securely over double firewall or air isolation. This can be incorporated into an improved Emergency Alert System as part of an improved IPAWS. This is a matter for FEMA to consider.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll