Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Public-Private Cooperation in Cybersecurity Research Strategy Development across the Globe A View from the U.S. Department of Homeland Security (DHS)
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Envision a future ... in which universities and companies are free to research and develop new concepts and products … protecting their IP and valuable data
The United States is committed to helping build cybersecurity capacity. Enhancing national-level cybersecurity … is also essential to cultivating dynamic, international research communities able to take on next-generation challenges to cybersecurity
We will further promote collaborative science and technology research to enhance cybersecurity tools and capabilities
Background
3
178 5,815
4,360
178
61 3,479
440 34 National 24K stations
170
1,120
19,902
10,000
3,637
47
COMM/911 6,153
EMS - 21,283
LE - 17,985
Fire - 30,125
and similar health facilities
5,000
Colleges & Universities
6,900
Departments 14,800
Social Services 210,427
Utilities 16,960
327
Transportation 217,926
Public Works ~24,000
Media 14,650
Chemical, Oil and Gas 2,500
Restoration & Repair 402,440
>1.5 million NGOs
Veterinarians 21,731
Schools 132,656
Telecom & IT 11,000
Sports Facilities 1,965
State, Tribal, Local Govts 39,3130
Telematics Providers 16,960
Doctors’ Offices, Nursing Homes
19,286
EMPLOYERS 7,601,160
Mental Health Services 15,000
Federal Agencies 16,960
308,500
Insurance Companies
The Broad Homeland Security Enterprise
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Cybersecurity Requirements Strategies 2003 2008 2009 2011 2012 2013
4
Call for Action Secure Protocols DNSSEC Secure Routing DETER security testbed PREDICT data repository
CNCI - Call for NICE
(Education) - Call for NSTIC
(Trusted Identities)
- Reinforce need for PREDICT data repository
S&T Produced National R&D Roadmap with community input Source for DHS S&T BAA, SBIR, and other solicitations
CNCI Tasks 4&9 S&T led via co-chair of CSIA IWG Significant inter-agency activities initiated by WH/NSS/OSTP
Implementation plan to accomplish goals of DHS QHSR 24 high priority capabilities needed NPPD-led, S&T involved
EO 13636: Improving Critical Infrastructure Cybersecurity PPD 21: Critical Infrastructure Security and Resilience
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Cybersecurity Research Requirements Departmental Inputs • QHSR 2009 & 2014 • Blueprint • NPPD/CS&C/NCCIC • ICE HSI / IPR • USSS • CBP • USCG • TSA • DHS CIO/CISO
Councils
State/Local • S&T First Responders Group • First Responder Access Card • SWGDE (FBI)
CSD
International Collaborations
5
White House/NSS • National Strategy 2003 • Comprehensive National
Cybersecurity Initiative (CNCI) • EO 13636/PPD 21 • National CISR R&D Plan • Transition to Practice (TTP) • Cyber Economic Incentives
Research • National Initiative for
Cybersecurity Education (NICE)
Interagency Collaboration • Cyber Security and
Information Assurance (CSIA) IWG
• Cyber-Physical Systems (CPS) SSG
• Big Data SSG • Cyber Forensics WG
Critical Infrastructure Sectors (Private Sector) • Energy (Oil & Gas,
Electric Power) • Banking and Finance • Communications/IT • Cross-Sector Cyber
Security WG
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
CSD Mission & Strategy REQUIREMENTS
CSD MISSION Develop and deliver new technologies, tools and techniques to defend and secure
current and future systems and networks Conduct and support technology transition efforts Provide R&D leadership and coordination within the government, academia, private
sector and international cybersecurity community CSD STRATEGY
Trustworthy Cyber
Infrastructure
Cybersecurity Research
Infrastructure
Network & System Security
and Investigations
Cyber Physical Systems
Transition and Outreach
Government Venture Capital
IT Security Companies Open Source
International
Stakeholders Outreach Methods (Sampling) Technology Demonstrations
Program Reviews Speaking Engagements
Social Media Media Outreach
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
S&T International Agreements
• Canada (2004) • Australia (2004) • United Kingdom (2005) • Singapore (2007) • Sweden (2007) • Mexico (2008) • Israel (2008) • France (2008) • Germany (2009) • New Zealand (2010) • European Commission (2010) • Spain (2011) • Netherlands (2013)
Government-to-government cooperative activities for 13 bilateral Agreements
FY13-14: Over $6M of International co-funding (leveraging over $70M of U.S. funded efforts)
FY 15-16: Anticipating a similar amount, including some new countries
COUNTRY PROJECTS MONEY IN JOINT MONEY OUT Australia 3 $300K $400K Canada 11 $1.8M Germany 1 $300K Israel 2 $100K Netherlands 7 $450K $1.2M $150K Sweden 4 $650K United Kingdom 3 $1.0M $400K $200K New Zealand 1 Japan 1
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Netherlands / US Co-Investment Models Netherlands US US Netherlands Netherlands US
Ongoing efforts 1) Modeling Internet Attacks 2) Improving Incident Response
Teams 3) Reducing the Challenges to
Investments in Private Sector.
Ongoing efforts 1) Process Control Systems/SCADA 2) Mobile malware 3) Cybercrime economic measures.
Ongoing efforts • Forensics project
Proposed efforts • BAA projects (2014 call)
o Mobile Technology Security
o Data Privacy o Cyber Physical System
Security (CPSSEC) o Distributed Denial of
Service Defenses
Proposed efforts • Identity, privacy and trust management • Malware and malicious infrastructures • Attack detection, attack prevention and
monitoring • Forensics and incident management • Data, Policy and Access Management • Cybercrime and the underground economy • Risk management, Economics, regulation • 2016 joint call
Proposed discussions • Human-centered cybersecurity • Internet situational awareness • Cybersecurity Metrics
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
2014 Broad Agency Announcement BAA released incl. to participating countries: https://baa2.st.dhs.gov • $95M over 5 year period
9
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
The LOGIIC Model of Government & Industry Partnership
Linking the Oil and Gas Industry to Improve Cyber Security
• LOGIIC is an ongoing collaboration of oil and natural gas companies and the U.S. Department of Homeland Security, Science and Technology Directorate.
• LOGIIC facilitates cooperative research, development, testing, and evaluation procedures to improve cybersecurity in industry digital control systems.
• LOGIIC promotes the interests of the sector while maintaining impartiality, the independence of the participants, and vendor neutrality
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
LOGIIC Consortium Breaks New Ground
• The Automation Federation (AF) serves as the LOGIIC host organization
• Member companies contribute financially and technically, provide personnel who meet regularly to define projects of common interest, and provide staff to serve on the LOGIIC Executive Committee.
• Current members of LOGIIC include BP, Chevron, Shell, Total, and other large oil and gas companies that operate significant global energy infrastructure.
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
LOGIIC – Operational Context
Project #1
Project #2
Project #3
Project #4
Project #N
Researchers
Vendors
Labs
DHS S&T ISA Automation Federation (AF)
(Legal Framework)
Outreach
Vendors
Industry
Standards Bodies
CI Owners and Operators
Findings
Current Members
Oil & Gas Sector Participating Companies
• Program Management • Subject Matter Expertise
• Access to Labs • Testing Facilities
• Independent Researchers
$$ $$
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Summary • Cybersecurity research is a key area of innovation to support our global
economic and national security futures • CSD continues with an aggressive cyber security research agenda to solve
the cyber security problems of our current and future infrastructure and systems – Ever-increasing speed of technology change – Scope/complexity of the different areas of the problem – The balance of near-term versus longer-term R&D
• Will continue strong emphasis on technology transition • Will impact cyber education, training, and awareness of our current and future
cybersecurity workforce • Will continue to work internationally to find and deploy the best ideas and
solutions to real-world problems
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Douglas Maughan [email protected]
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo
Douglas Maughan [email protected]
GlobalConferenceonCyberSpace2015GlobalConferenceonCyberSpace2015GlobalConferenceo