In a perfect world, our nation’s critical infrastructure and citizen’s personal information will be protected from adversaries and security will operate seamlessly in the background. But how do we work together and what tools do we need to accomplish this ideal state?
On May 18, the Department of Homeland Security (DHS) Science & Technology Directorate (S&T) launched the National Conversation’s Campaign: A Trusted Cyber Future: Ensuring Protection of Privacy, Commerce, and Community to discuss a variety of topics relevant to protecting our cyber ecosystem.
“If we want to make progress toward the cybersecurity challenges we face as a nation, we need to be developing a sense of what will be required in the future,” said DHS Under Secretary for Science and Technology Dr. Reginald Brothers.
To accomplish this goal, DHS S&T’s Cyber Security Division held both online and in-person discussions around the country to engage a wide range of stakeholders to determine where the division should focus next in cyber security research and development.
S&T’s cyber team is capturing feedback from 12 in-person events and open online discussions at scitech.ideascale.com and on Twitter, using the hashtags #SciTechConvo and #CyberFuture. From June to September the team met with a variety of cybersecurity professionals from California, Colorado, Georgia, Massachusetts, Minnesota, Nevada, New Jersey, Texas, Washington state, and Washington, DC.
The input gathered will inform and help update two documents that guide CSD’s work: The President’s National Science and Technology Council’s December 2011 Strategic Plan for the Federal Cybersecurity Research and Development Program (PDF, 36 pages, 795 KB), and the division’s own Cyber Security R&D Strategic Plan (PDF, 36 pages, 222 KB), last revised in 2013.
Douglas Maughan, director of the Cyber Security Division, notes the National Conversation is a transparent and inclusive way for the agency to gather input on its way ahead.
“There’s no silver bullet for cybersecurity,” said Maughan. “We have to continue to work across a number of different technical angles to improve our entire cyber security posture. To make this conversation valuable, we’ve worked to attract a very broad group of people at every conversation: big industry, small business entrepreneurs, national labs, federal, state, and local government, educators, and students. We have kept the sessions small, and the result has been really good conversations about the issues of concern across the nation.”
In addition to participants from universities and research labs, the conversations have attracted executives from companies like Boeing, PayPal, United HealthPartners and SalesForce, he noted.
Online, the discussion has included several topics relevant to protecting the cyber ecosystem:
- The importance of systems assurance tools able to detect cyber vulnerabilities,
- Fine-grained software execution logging to improve accuracy and privacy of enterprise production systems,
- Language-theoretic security principles for critical information infrastructure software,
- Capture of system vulnerabilities and risk factors before going to market, and
- Methods for real-time private access and querying of sensitive data
Participants in the National Conversation sessions also have identified some non-technical areas as possible research such as cybersecurity education, which emphasized continuing education for professionals working in cybersecurity as well as education and training for users of all ages.
Notes gathered from the in-person meetings are available on the ideascale website and a final report of the National Conversation will also be posted on the site later this year.
To learn more about CSD’s research and development projects, visit http://www.dhs.gov/cyber-research.