Posted by Douglas Maughan, Cyber Security Division Director, DHS Science & Technology Directorate
This week, eight new federally funded technologies were showcased in Silicon Valley. The DHS Science and Technology Directorate (S&T) Cybersecurity Division hosted a Transition-to-Practice Technology Demonstration Day for investors, integrators and IT companies to view, test, and “kick the tires” on these new cybersecurity technologies, developed by the Department of Energy’s National Laboratories.
One of the biggest challenges for the research and development community is the ability to transition technology prototypes into real-world products that can be purchased and put to use. This new program is designed to help transition the advanced prototypes of technologies that are ready for commercialization and avoid the gap between laboratories and the commercial market.
The eight new federally funded technologies showcased this week in Silicon Valley, included:
- Path Scan – an intrusion-detection system that thwarts cyber attacks by detecting anomalous network-hopping activity, which is seen as hackers traverse a network looking for key resources
- Code Seal – trust anchors that encrypt computer activities in untrusted environments.
- Net_Mapper/Everest – a network mapping and visualization tool.
- MLSTONES – a biology based malware and event analysis forensic tool that tags and sequences events looking for similarities.
- Hone – a network traffic analyzer.
- Hyperion/FX – a malware detection and software assurance tool.
- Choreographer – a moving target defense tool that detects when DNS connections are bypassed.
- USB ARM – a removable media (USB, DVD, CD-ROM, etc) policy enforcement tool that prevents removable media from mounting into a computer’s file systems.
If these sound pretty technical, they are, but TTP program manager Michael Pozmantier believes that commercial developers will be excited at the opportunity to turn these prototypes into commercially viable cybersecurity products that will increase the cyber security posture of the nation.
A cornerstone of DHS’ mission is to ensure the essential functionality that critical infrastructure provides to the American public is sustained by working with stakeholders to protect their networks including those of the federal government, as well as combating financial crime and fraud, and safeguarding intellectual property rights, while building a national capacity for cybersecurity through outreach, awareness, and education and keeping a steady focus on safeguarding the public’s civil rights and civil liberties.
This week’s event was held in Silicon Valley and S&T expects to hold an identical opportunity for East Coast investors in October.
Secretary Napolitano, joined by Commissioner Kelly, meets with members of the NYPD Counterterrorism Bureau at the World Trade Center Command substation.
During a visit to New York City today, Secretary Napolitano met with NYPD Commissioner Raymond Kelly and members of the New York City Police Department to thank them for their service and ongoing partnership with DHS in support of our shared goal of mitigating threats and increasing response capabilities. She expressed her gratitude for the strong support of the law enforcement, firefighters, and other first responders who are essential partners in the ensuring a safe, secure and resilient homeland.
Secretary Napolitano signs the precinct log book during her visit to the NYPD World Trade Center Command substation.
NYPD Chief of Counterterrorism James Waters, Secretary Napolitano, and Police Commissioner Raymond Kelly at the World Trade Center Command substation.
During her tenure, Secretary Napolitano has made it a priority to provide states, cities, and communities with the tools, training, and resources they need, as well as supporting stronger information sharing through state and major urban area fusion centers.
For more information on Secretary Napolitano’s visit to New York City, visit here
Our daily life, economic vitality, and national security depend on cyberspace. While increased connectivity has led to significant transformations and advances across our country – and around the world – it also has increased the risks to privacy and security. Everyone has a unique role to play in cybersecurity—whether it’s protecting small businesses from fraud, teaching students about cybersecurity ethics, or just thinking twice before clicking on a hyperlink. The Department’s Stop.Think.Connect. TM campaign relies on its National Network of partners to spread the word and raise awareness about the importance of staying safe online.
The National Network comprises approximately 30 non-profit organizations, including D.A.R.E., Boys & Girls Clubs of America, 4-H, InfraGard, and the National Association of Counties. Some of these partners have joined the campaign in recent months, helping us reach more Americans to inform them about their personal role in addressing cybersecurity risks.
Recent new partners include:
- Armed Forces Communications and Electronics Association (AFCEA)
- Center for Internet Security (CIS)
- Connect2Compete, an organization dedicated to expanding access to technology and training
- Connect Safely, a non-profit organization that provides social media and mobile media safety tips
- Government Technology Services (GTS) Coalition
- High Technology Crime Investigation Association (HTCIA)
- Hungry Hungry Hackers (H3), an applied research security community at Georgia Tech
- International Council for Small Business (ICSB)
- Fraud.org, a project of the National Consumers League
- National Elementary Honor Society
- National Junior Honor Society
- National Honor Society
- Women in Homeland Security
Stop.Think.Connect.™ is a national public awareness effort to guide the nation to a higher level of Internet safety and security by educating and empowering the American public to be more vigilant about practicing safe online habits. The campaign encourages Americans to view Internet safety and security as a shared responsibility at home, in the workplace, and in our communities. Through these partnerships with the National Network, the Stop.Think.Connect.™ campaign gains a greater understanding of the cybersecurity issues and trends, and is able to develop helpful tips and resources specific to the organizations and their members.
For a complete list of Stop.Think.Connect. National Network partners, or for more information on how an organization can join, visit www.dhs.gov/stopthinkconnect.
Posted by Shaun Donovan, Secretary of the Department of Housing and Urban Development
Ed. note: This is cross-posted from hud.gov. See the original post here.
From New Orleans to Cedar Rapids to Tuscaloosa to Minot – I have walked the streets and looked in the eyes of families whose lives have come crashing down around them under nature’s wrath.
But nothing prepared me to come back home to New York City last October and look in the eyes of my friend who lost his daughter to Hurricane Sandy. Nothing prepared me to see neighborhoods—many of which had served as the backdrop of my childhood—completely unrecognizable.
This was all due to the devastating storm that hit our shores in the fall with a power and a fury unlike anything most of us had ever seen before. Entire neighborhoods were flooded. Families and small business owners lost everything in a single night. Infrastructure was torn apart. In short, it was one of the most painful chapters in the region’s history and the Obama administration has been committed to helping communities turn the page.
We have worked closely with State and Local governments up and down the East Coast to help prepare for and respond to the storm. Within a week of Sandy making landfall we had 17,000 federal responders on the ground, helping displaced families find shelter and getting communities back on their feet.
In addition, the scope of the damage made clear that more assistance was needed, which is why the President fought for, and Congress ultimately passed, a supplemental funding bill providing tens of billions of dollars to help rebuild impacted communities.
The President also knew that we needed to do two key things: cut red tape to get assistance where it was needed as quickly as possible, and coordinate the efforts of all of the Federal agencies to support local communities as they rebuilt in a way that made them more resilient.
That’s why he created the Hurricane Sandy Rebuilding Task Force, which I have the honor to chair.
For the past six months we have worked closely with our Federal partners to find ways to get funding and other assistance where it’s needed more effectively and efficiently. To date, the Administration has provided assistance to nearly 255,000 people and thousands of businesses. FEMA alone has provided $12 billion in funding to individuals and communities.
Additional funding from the supplemental funding bill continues to flow into the region.
And, today, I’m proud to release the Hurricane Sandy Task Force’s Rebuilding Strategy– which will help guide the investment of these funds and, in the bigger picture, assist communities across the nation in preparing for the increasing risks caused by extreme weather.
The President has been clear – most recently in his Climate Action Plan – that we have an obligation to protect the planet for the next generation, just as our parents and grandparents handed us a better planet. He has outlined a plan to cut carbon pollution that harms our health and our planet – and that is contributing to greater risks of asthma attacks and more severe floods and heat waves that drive up food prices.
He has also been clear that, as we take responsible steps to cut carbon pollution, we must prepare communities across the country for the impacts of climate change, many of which are already being felt.
The Hurricane Sandy Rebuilding Task Force’s Rebuilding Strategy lays out a series of recommendations that will help the Sandy-impacted region rebuild in a way that will prepare them for these impacts – and that will serve as models for communities across the country.
For highlights from the Rebuilding Strategy, click here.
To read the entire Rebuilding Strategy, click here.
Over the past four and a half years, cybersecurity has become one of the top priorities at the Department of Homeland Security. Today, I am pleased to announce the appointment of Phyllis Schneck as the new Deputy Under Secretary for Cybersecurity for the National Protection and Programs Directorate (NPPD). Phyllis will be coming to the Department of Homeland Security from her current position as Vice President and Chief Technology Officer for the Global Public Sector at McAfee, Inc. with a wealth of experience in cybersecurity and information security.
For more than 14 years, Phyllis has had a distinguished presence in the security and infrastructure protection community, most recently as a key contributor on the CSIS Commission on Cybersecurity for the 44th Presidency. Phyllis is the current Chairman of the Board of Directors of the National Cyber Forensics and Training Alliance, a partnership between corporations, government and law enforcement for cyber analysis to combat international cyber crime. Phyllis has also served as the Chairman of the NIST Information Security and Privacy Advisory Board, which helps identify emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy.
Before joining McAfee, Phyllis held various senior and information science positions at Research Integration for Secure Computing, eCommSecurity, SecureWorks, Inc., Avalon Communications, CygnaCom Solutions, the MITRE Corporation, Computer Sciences Corporation, IBM, NASA and the University Of Maryland.
Phyllis has been a close partner in our cybersecurity mission for many years. She served for eight years as chairman of the FBI’s InfraGard National Board of Directors and founding president of InfraGard Atlanta, growing the InfraGard program to over 30,000 members nationwide in the past decade, and fostering a relationship between InfraGard and DHS. Equally impressive, Phyllis holds three patents in high-performance and adaptive information security, and has six research publications in the areas of information security, real-time systems, telecom and software engineering.
During my tenure as Secretary, we have strengthened partnerships with the private sector to secure cyber networks and protect physical assets while developing a world-class cybersecurity workforce. In fact, the position of Deputy Under Secretary for Cybersecurity was created in 2011 to act as the Department’s chief cybersecurity policy official, in recognition of the growing importance of cybersecurity to DHS’ mission of strengthening the security and resilience of our nation's critical infrastructure. I am confident that Phyllis will continue these efforts, and build upon the foundations laid by her predecessors, to create a safe, secure and resilient cyber environment and promote cybersecurity knowledge and innovation.
Today marks the first anniversary of the Department of Homeland Security's implementation of deferred action for childhood arrivals (DACA), a directive that was built on a number steps taken by DHS during President Obama's administration to ensure that we are using our immigration enforcement resources most effectively, based on common sense priorities that focus first on those that pose threats to our communities.
Following a series of steps to make the immigration system more effective by focusing our enforcement resources in a common sense way, in June 2012, I announced an initiative that allows young people who were brought to the United States as children, who do not present a risk to national security or public safety, and who meet several key criteria to be considered for deferred action and work authorization. Just 60 days later, on August 15th, 2012, U.S. Citizenship and Immigration Services began accepting DACA requests.
Because of the action we have undertaken through the DACA process, thousands of hardworking young people who are American in every way but a piece of paper now have the ability to continue their educations and contribute to their communities. In just its first year, over 500,000 individuals have requested Deferred Action for Childhood Arrivals and after a thorough review of each of those cases, including a background check, 430,000 requests have already been approved, with others still under review. These young people came to our country as children and many of these young people have already contributed significantly to our country.
Our nation's immigration laws must be enforced in a strong and sensible manner but they are not designed to be blindly enforced without consideration given to the individual circumstances of each case. Prosecutorial discretion, which is used in so many other areas, is especially justified in DACA cases. And, by removing the threat of deportation for people brought to the country as children, we have been able to continue to focus our enforcement efforts on serious criminals, public safety threats, and those who pose a danger to national security.
DACA is not a long term solution to the broader challenges presented by our nation's outdated immigration system. Earlier this year, the Senate passed a bipartisan bill that would modernize our system, ensuring it was more fair, while also expanding the resources devoted to protecting our nation's borders and sanctioning employees who continue to hire illegal labor. The bill would require anyone who seeks a path to citizenship to get right with the law, pay taxes, learn English, and if those conditions are met would have the opportunity to become citizens only after those who are already in line. As a broad coalition of Americans, from business leaders, to labor groups, to law enforcement, to the evangelical community, have agreed, now is the time for this important reform. It's good for our economy, it corresponds to our values as a nation of immigrants, and it's the right thing to do.
I am hopeful that the House of Representatives will follow the leadership shown by a strong bipartisan majority of their Senate colleagues and work to fix our broken immigration system. In the meantime, however, DACA will continue to serve as an important means by which young people brought here as children can remain in, and contribute to, this great country.
This week, DHS achieved an important milestone towards better protecting government networks from cyber attacks. The General Services Administration yesterday announced a contract award that will allow government agencies to partner with the Department of Homeland Security (DHS) to deploy Continuous Diagnostics and Mitigation (CDM) technology that will enhance the security and resilience of their networks – better safeguarding both the sensitive data on those networks and the critical functions they provide to all Americans.
Through the CDM program, DHS works with partners across the entire Federal executive branch civilian government to deploy and maintain an array of sensors for hardware asset management, software asset management and whitelisting, vulnerability management, compliance setting management and feed data about an agency’s cybersecurity flaws and present those risks in an automated and continuously-updated dashboard. CDM, which will also be available for state and local entities as well as the defense industrial base sector, provides our stakeholders with the tools they need protect their networks and enhance their ability to see and counteract day-to-day cyber threats.
Whether to receive important health or emergency information or to check on the provision of essential government services, millions of Americans visit government websites every day. While increased connectivity has transformed and improved access to government, it also has increased the importance and complexity of our shared risk. The growing number of cyber attacks on Federal government networks is growing more sophisticated, aggressive, and dynamic.
Government computer networks and systems contain information on national security, law enforcement, and other sensitive data, including information about federal employees and others. It is paramount that the government protects this information from theft and protects networks and systems from attacks while continually providing essential services to the public. As the department responsible for securing unclassified federal civilian government networks—the “dot-gov” domain—DHS coordinates the national response to significant cyber incidents and maintains a common operational picture for cyberspace across the government. Part of that responsibility includes network intrusion detection and prevention technology under a program known as Einstein. When both programs are implemented, they will provide complementary protections across the dot-gov domain, further protecting the government’s infrastructure and the nation’s data.
Under the CDM program, participating departments and agencies will be able to enhance their cybersecurity assessments by implementing automated network sensor capacity and prioritizing risk alerts. Results will feed into agency-level dashboards that produce customized reports that alert information technology managers to the most critical cyber risks, enabling them to readily identify which network security issues to address first, thus enhancing the overall security posture of agency networks. Summary information from participating agencies will feed into a central Federal-level dashboard, managed by DHS’ National Cybersecurity Communication and Integration Center, to inform and prioritize cyber risk assessments across the Federal enterprise and support common operational pictures that provide cybersecurity situational awareness to our stakeholders.
The CDM program will strengthen cybersecurity across the “dot-gov” domain, improve our cybersecurity posture, and enhance other critical cybersecurity capabilities to thwart advanced, persistent cyber threats in a dynamic threat environment.
DHS has partnered with the General Services Administration to award a multi-vendor, five-year blanket purchase agreement contract for the CDM program, that will provide real-time diagnostic and mitigation services to federal executive branch civilian agencies, state and local entities, and the defense industrial base sector. The BPA is an overarching contract with an estimated ceiling of $6 billion over its five year duration (one-year contract with four additional one-year options) and is open to all Federal civilian departments and agencies, the defense industrial base sector, as well as state, local, tribal, and territorial governments. This significant contract award is designed to support Federal civilian networks and the extensive number of cybersecurity requirements for any Federal custom and cloud application over the life of the contract, and will be funded through each participating department and agency, not solely by DHS.
Today, Security Napolitano administered the Oath of Allegiance and delivered remarks at a naturalization ceremony at W.T. Woodson High School in Fairfax. The 350 new United States citizens naturalized today represent 75 countries, and include two active duty members of the United States Armed Forces.
Secretary Napolitano said, “Throughout our history, people from across the world have come to the United States seeking freedom and new opportunities for themselves and their families. Now, as United States citizens, you have earned the rights and freedoms that our Constitution guarantees, as well as the responsibilities that citizenship brings to contribute to the strength and vitality of our communities and our Nation.”
Read more about U.S. Citizenship and Immigration Services, the DHS component responsible for overseeing lawful immigration to the United States here.
Today in Cincinnati, Secretary of Homeland Security Janet Napolitano and U.S. Immigration and Customs Enforcement Acting Director John Sandweg met with business community leaders to discuss the need for commonsense immigration reform, which is critical to our nation’s economic health and prosperity. During the meeting, Secretary Napolitano discussed the need for critical changes to the legal immigration system in order to create a 21st century immigration system that helps businesses continue to grow the economy.
Secretary Napolitano said, “Over the past few months, I have heard from many business leaders about how critical immigration is to businesses. That’s why we were encouraged by the passage of the immigration legislation in the U.S. Senate, which would make critical changes to the legal immigration system. Together, these reforms will help us support businesses and improve our economy, while helping us continue to strengthen border security.”
You can read more about this meeting, and Secretary Napolitano’s trip to Cincinnati, here.
Posted by Shayne Adamski, Senior Manager of Digital Engagement at the Federal Emergency Management Agency
Editors' Note: This was originally posted on the FEMA blog on August 2, 2013.
Crowdsourcing disasters. New social media sites. Centralized places to get info. Our digital team at FEMA has been busy launching a number of new tools to help the public and our partners to prepare for, respond to and recover from disasters. Here’s a quick rundown of the new resources:
- FEMA App with the Disaster Reporter feature
- FEMA’s Social Hub
- FEMA LinkedIn
- U.S. Fire Administration Facebook
How does this help you be a part of the emergency management team? Watch this demo from Administrator Fugate as he walks through all the new tools and resources you can take advantage of:
Before a disaster, you can download the FEMA App and use the interactive emergency kit checklist and learn what to do during specific hazards. And if you find yourself in a situation, where you need a refresher, you can still pull up the safety info in the app, even if you don’t have a cellular or wifi connection.
After a disaster, if you’re not placing yourself in harm’s way, you can use the Disaster Reporter feature in the FEMA App and take a photo of the disaster area and upload it to us (just make sure the GPS function is turned on). This includes all types of disasters, not just Federal disasters.
We’ll review the photo submissions to ensure: (1) it is disaster-related, (2) not spam, and (3) there are no privacy issues. And then all approved content is posted on a public map. It’s pretty simple.
We’re really excited about this new feature, because it gives all stakeholders in a disaster area the ability to upload information to a centralized place, allowing all emergency managers to view the information. Since we’re using the FEMA GeoPlatform for our mapping interface the content can be shared on other maps and sites, using what techies refer to as an API (Application Programming Interface).
Speaking of centralized places to view information, the Social Hub is where all stakeholders can go to view tweets from trusted emergency managers. The great thing about the Social Hub is we can change the information we’re displaying on the fly. When we launched the Social Hub on Monday, July 29, we were displaying tweets from accounts in Hawaii, because we were monitoring Tropical Storm Flossie.
When the storm dissipated, we transitioned to displaying local National Weather Service tweets, both in a scrolling format and on a map. As we know, more and more people are going mobile with their devices (phones and tablets), so we also created a Social Hub on our mobile site.
Finally, we recently launched two new channels to better engage FEMA’s digital audience: the FEMA LinkedIn page and the U.S. Fire Administration Facebook page. On LinkedIn, look for job listings, stories about what a “day in the life” looks like at FEMA, and other training resources. And if you “Like” the U.S. Fire Administration Facebook page, you’ll receive lots of stories, resources, and tips for assisting fire departments or firefighters.
When I testified on Capitol Hill on Social Media and Emergency Management last month, I said that we’re always looking at how we can expand our existing digital and social products. As you can imagine, we’re excited about these new tools and we’re looking forward to feedback.
Kick the tires as they say and let us know what you think.