Wanted By DHS: Breakout Ideas On Domestic Cybersecurity - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity

Wanted By DHS: Breakout Ideas On Domestic Cybersecurity

Department of Homeland Security plans to fund cyber defense research efforts to develop pragmatic tools that can be deployed quickly, says Forrester.

 Government Data + Maps: 10 Great Examples
Government Data + Maps: 10 Great Examples
(Click image for larger view and slideshow.)

Companies, universities, and other entities that have existing but unfunded, innovative cyber security projects should take advantage of new funding from the Homeland Security Department to advance their research, according to a new report from Forrester Research of Cambridge, Mass.

The DHS cyber research effort comes at a time when cyber attacks by well-funded crime groups around the globe and hostile nation-states are on the rise, and there is a shortage of funding for technologies to help vital sectors of the economy combat a daily barrage of attacks.

Although there are dozens of legislative proposals for cyber security before Congress, no meaningful cyberbreach legislation is being considered at the moment, according to report author Ed Ferrara, Forrester's principal analyst serving Security & Risk Professionals.

[How do ex-military and ex-hackers approach cybersecurity? Read Hacker Or Military? Best Of Both In Cyber Security.]

"At the tactical agency level... this particular effort is a bright spot in a pretty bleak governmental landscape," Ferrara said. "It's not nearly enough, but it is certainly a step in the right direction."

The department earlier this year issued a broad agency announcement seeking targeted research and development for innovative cyber security tools. DHS has $95 million that it will disburse in multiple phases over the next three to five years, according to government documents.

(Source: geralt, Pixabay)
(Source: geralt, Pixabay)

DHS wants pragmatic tools that can be deployed rapidly to boost the security of public and private organizations that are part of the nation's critical infrastructure, including financial, energy, healthcare, and other sectors.

The first phase of the funding is available for tools in four key domains: data and privacy, distributed denial of service, mobile security, and cyber and physical system integration. Forrester provided more details on what's needed in each domain:

Data privacy and security
DHS seeks methods to boost privacy controls that protect individuals' personal information. To achieve this goal, the department is interested in tools and concepts related to privacy compliance, privacy-preserving federated search capabilities, and mobile computing privacy.

Distributed denial of service
The department wants to develop ways to measure such attacks, enhance communications among affected parties, drive the adoption of existing technologies to mitigate DDoS attacks, and fund the further development of DDoS defense technologies.

Mobile security
DHS wants ideas that address a number of pressing needs. One need is instrumentation for mobile devices that can authenticate users and also perform risk-based assessments on the use of the device. Other needs include a secure approach for accessing mobile device data, new security management tools for mobile devices, and innovative approaches for protecting the component layers of devices from malicious applications.

Cyber and physical integration
DHS wants tools and concepts that address secure system design, and experimental and pilot implementations of such integrated cyber and physical security systems.

Ideally, organizations benefiting from advances in integrated cyber and physical security would be able to deploy them for building and system access, enhanced payment system security, and other applications that require multifactor authentication, according to Forrester.

"Things are getting worse," Ferrara said. "The number of attacks is up, the severity of the attacks is up, and the visibility of the attacks is up. You never saw things like this on the front pages [before], and now it is front page news."

Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge. Get the new Flexibility Equals Strength issue of InformationWeek Government Tech Digest today. (Free registration required.)

William Welsh is a contributing writer to InformationWeek Government. He has covered the government IT market since 2000 for publications such as Washington Technology and Defense Systems. View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
9/3/2014 | 9:58:19 AM
Cybersecurity & EAS
Currently the internet and local resources are the only means of addressing cybersecurity issues. However digital broadcasting, particularly TV, is an alternative that can deliver data securely over double firewall or air isolation. This can be incorporated into an improved Emergency Alert System as part of an improved IPAWS. This is a matter for FEMA to consider.
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Northwestern Mutual CIO: Riding Out the Pandemic
Jessica Davis, Senior Editor, Enterprise Apps,  10/7/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
Flash Poll