Government cyber security programs mandated to go commercial
Recent congressional hearings have called
attention to the need for better cooperation between government agencies
and the private sector. An excellent example of how to fulfill that
goal of successful public/private partnerships is demonstrated by the
work of the Transition to Practice Program (TTP) at the Department of
Homeland Security (DHS) Science & Technology (S & T)
Directorate.
TTP was created as a result of the White House’s Federal Cybersecurity R & D Strategic Plan as well as the Comprehensive National Cybersecurity Initiative (CNCI). The mandate of TTP is to move promising cybersecurity technologies developed under Department of Energy (DOE) National Labs and Federal Funded Research & Development Centers (FFRDC’s) into the private sector for further development. TTP is a program of collaboration and operates under the Cyber Security Division (CSD) of S & T.
CSD works closely with Commercialization Office which was stood up in 2008. The Commercialization Office has compiled a listing of over 2,000 technologies, products, and/or services that may have alignment with DHS (and other agencies) needs. CSD and the Commercialization Office maintain a strong focus on fulfilling the technology needs for critical infrastructure/key resource owners, border security, transportation security, and First Responders. CSD involvement is in the full spectrum cycles of the cybersecurity landscape; research, development, testing, evaluation, and transition.
According to the DHS “Cyber Security Division Transition to Practice Technology Guide,” several focus areas cover the critical vulnerability and cybersecurity landscape of the directorate. These include: 1) Internet Infrastructure Security; 2) Critical Infrastructure/key Resources; 3) National Research infrastructure; 4) Leap-Ahead technologies; 5) Cyber security Education; 6) Identity management; 7) Cyber Forensics; and 8) Software Assurance.
There are many important cybersecurity capabilities that have resulted directly from the S & T Directorate’s work with industry. These include:
In S & T DHS formal cyber program structure, preparation for
meeting rapidly evolving next-generation threats has made the
“leap-Ahead Technologies” a focus area of priority. Rapid proto-typing,
and transitioning; showcasing, and providing assistance in
commercializing technologies has become important tasks. As a result,
the private sector’s role as a partner has been elevated and the
Transition to Practice Program (TTP) has garnered notice and
appreciation.TTP was created as a result of the White House’s Federal Cybersecurity R & D Strategic Plan as well as the Comprehensive National Cybersecurity Initiative (CNCI). The mandate of TTP is to move promising cybersecurity technologies developed under Department of Energy (DOE) National Labs and Federal Funded Research & Development Centers (FFRDC’s) into the private sector for further development. TTP is a program of collaboration and operates under the Cyber Security Division (CSD) of S & T.
CSD works closely with Commercialization Office which was stood up in 2008. The Commercialization Office has compiled a listing of over 2,000 technologies, products, and/or services that may have alignment with DHS (and other agencies) needs. CSD and the Commercialization Office maintain a strong focus on fulfilling the technology needs for critical infrastructure/key resource owners, border security, transportation security, and First Responders. CSD involvement is in the full spectrum cycles of the cybersecurity landscape; research, development, testing, evaluation, and transition.
According to the DHS “Cyber Security Division Transition to Practice Technology Guide,” several focus areas cover the critical vulnerability and cybersecurity landscape of the directorate. These include: 1) Internet Infrastructure Security; 2) Critical Infrastructure/key Resources; 3) National Research infrastructure; 4) Leap-Ahead technologies; 5) Cyber security Education; 6) Identity management; 7) Cyber Forensics; and 8) Software Assurance.
There are many important cybersecurity capabilities that have resulted directly from the S & T Directorate’s work with industry. These include:
- Domain Name System Security (DNSSEC) that addresses denial-of-service (DNS) weaknesses and Domain Name System Security Secure Signer to protect web transactions and online communications.
- Secure Ironkey USB Drives for secure web browsing, end-point security and protection against malicious software-related threats.
- Protected Repository for the Defense of Infrastructure against Cyber Threats (PREDICT) to provide privacy-protected operational network traffic datasets for cybersecurity research and development.
- DHS Secure Wireless Access Prototype (DSWAP) for secure wireless access solutions for layered defense on protected networks.
- Other successful technologies and projects that have migrated to operational use both in public and private sectors included Botnet detection and mitigation technology, Data Visualization Tools, Active Malware Protection, and Rootkit Detection and Mitigation technology.
A primary role for TTP is to identify through technology foraging at the DOE National Labs and FFRDC’s and share their capabilities and promise with the private sector, other government agencies, and academia. TTP is committed to outreach, especially with small business. Next month (October) TTP event showcases will showcase eight new innovative cybersecurity technologies developed by the DOE National Labs. Those labs are the backbone of the nation’s scientific & development research national security resources and produce cutting edge ideas and inventions. The ability for the private sector to invest, co-develop and integrate innovative technologies into the cybersecurity marketplace will significantly impact progress in threat deterrence and mitigation.
(¯`*• Global Source and/or more resources at http://goo.gl/zvSV7 │ www.Future-Observatory.blogspot.com and on LinkeIn Group's "Becoming Aware of the Futures" at http://goo.gl/8qKBbK │ @SciCzar │ Point of Contact: www.linkedin.com/in/AndresAgostini