Cyber Security R&D Challenges: Homeland Security Perspective


Cyber Security R&D Challenges: Homeland Security Perspective
Simon Szykman, Ph.D.
Director, Cyber Security R&D
202-254-5802

Outline
- DHS Organizational Overview
- Information Analysis and Infrastructure Protection
- Science and Technology
- DHS Cyber Security Research and Development
- Research Interests and Priorities
- DHS S&T Challenges
- Research Community Issues

Department of Homeland Security Overview
- Secretary (Ridge)
- Deputy Secretary (Loy) (acting)
- Information Analysis & Infrastructure Protection (Libutti)
- Science & Technology (McQueary)
- Border & Transportation Security (Hutchinson)
- Coast Guard
- United States Secret Service
- Citizenship & Immigration & Ombuds
- Civil Rights and Civil Liberties
- Legislative Affairs
- General Counsel
- Inspector General
- State & Local Coordination
- Private Sector Coordination
- International Affairs
- National Capital Region Coordination
- Counter-narcotics
- Small and Disadvantaged Business
- Privacy Officer
- Chief of Staff
- Emergency Preparedness & Emergency Response (Brown)
- Management (Hale)

Information Analysis and Infrastructure Protection Directorate
- Information Analysis and Infrastructure Protection (Libutti, Under Secretary)
- Information Analysis (Hughes)
- Risk Assessment Division
- Indications and Warning Division
- Infrastructure Protection (Liscouski)
- National Cyber Security Division
- Protective Security Division
- Infrastructure Coordination Division
- National Communications System

National Cyber Security Division Mission
The National Cyber Security Division (NCSD) is the national focal point for addressing cyber security issues in the United States and will coordinate implementation of the National Strategy to Secure Cyberspace. Mission components include:
1. Identifying, analyzing, and reducing threats and vulnerabilities
2. Disseminating threat and warning information
3. Coordinating incident response
4. Providing technical assistance in continuity of operations and recovery
5. Serving as national focal point for the public and private sectors regarding cyber security issues to implement the National Cyber Strategy

Science and Technology Directorate
- Science & Technology (McQueary, Under Secretary)
- Office of Plans Programs and Budgets (Albright)
- Office of Research and Development (McCarthy)
- Homeland Security Advanced Research Projects Agency (Oxford (Acting))
- Office of Systems Engineering & Development (Kubricky)
- Strategic, programmatic, budget planning
- Stewardship of an enduring capability
- Innovation, Adaptation, & Revolution
- Development Engineering, Production, & Deployment
- Planning Execution

S&T Directorate Responsibilities: Homeland Security Act of 2002
- Advising the Secretary regarding.
- Identifying priorities for
- Establishing, conducting, and coordinating basic and applied research, development, testing and evaluation (RDT&E) activities that are relevant to any or all elements of the Department, through both intramural and extramural programs.

Cyber Security R&D Portfolio: Context
- The Internet serves a significant underlying role in many of the Nation’s critical infrastructures.
- Communications, monitoring, operations and business systems.
- Adversaries face asymmetric offensive and defensive capabilities with respect to traditional warfare.
- Makes cyberspace an appealing battleground.
- Cyberspace provides the ability to exploit weaknesses in our critical infrastructures.
- Provides a fulcrum for leveraging physical attacks.

Cyber Security R&D Portfolio: Threats
- The most significant cyber threats to the nation are fundamentally different from the “script-kiddies” or virus writers.
- Adversaries who seek to harm the Nation’s critical infrastructure are driven by different motivations.
- DHS S&T focus is on those threats and issues that warrant national-level concerns.

Cyber Security R&D Portfolio: Budget
- FY 2004 cyber security R&D budget: 18M
- FY 2005 cyber security R&D budget: 18M
- Overall 2005 budget for DHS S&T: 1.1B
- DHS S&T portfolio budgets developed through in-depth strategic planning process

Important R&D Areas

Cyber Security Functional Requirements:
- Attack protection and prevention
- Attack detection, response, and recovery
- Situational awareness, incident & warning
- Secure software engineering & development
- Software assurance, code testing & analysis
- Lightweight, low-latency authentication
- Forensics, traceback, attribution
- Hardware/firmware security
- Secure operating systems

Securing the Infrastructure:
- Secure domain name system
- Secure routing protocols
- Secure process control systems (retrofit and future infrastructure)

Other Needs:
- Privacy

Foundations for Cyber Security:
- Metrics and testing
- Economic assessment
- Long term goal of risk-based decision making
- Red teaming

Domain-Specific Security Needs:
- Wireless Internet priority service
- Distributed & embedded computing platforms

Enabling Technologies for R&D:
- Testbeds
- Modeling and simulation
- Network mapping
- Security technology and policy management

Setting the Government Research Agenda
- Critical Information Infrastructure Protection Interagency Working Group
- Responding to Homeland Security Presidential Directive 7
- InfoSec Research Council (IRC)
- Revisiting the IRC Hard Problems List: 5-10 year problems that require sustained R&D investments

Improving the Nation’s Cyber Security
- More capable people
- Increased use of security technology in existing infrastructure
- Development of more inherently secure technology for new infrastructure
- Migration from existing to next-generation infrastructure
- Better foundations for risk-based technology investments

Tackling Cyber Security Challenges: Business Not as Usual
- Strong mission focus (avoid mission creep)
- Close coordination with other Federal agencies
- Outreach to communities outside of the Federal government
- Building public private partnerships
- Strong emphasis on technology diffusion and technology transfer
- Development of migration paths
- Awareness of economic realities

Research Community Issues
- Future cyber security R&D funding
- Anticipated trends
- Funding opportunities: http://www.hsarpabaa.com/
- Investment focus
- Short/long term R&D vs. basic/applied R&D
- Anticipated trends
- Emphasis on technology transfer
- Strategy and plans
- Partnerships

Questions?
Simon Szykman, Ph.D.
Director, Cyber Security R&D
202-254-5802
