Since the advent of the internet and our nation’s increased reliance on it, cyberattacks have become an increasingly common and insidious threat. We’ve heard of hospitals and businesses felled by attacks that held their critical data for ransom, and as recently as this summer even federal government agencies were targeted. The growing number of threats across the public and private sectors is a stark reminder of the importance of ensuring our cybersecurity by having key defensive measures in place.
At S&T, our goal is to be on the cutting-edge when it comes to ensuring our nation’s cybersecurity. We do this in a number of ways—through collaborative efforts to support and advance the Cybersecurity and Infrastructure Security Agency’s (CISA) mission, by developing tools to identify potential vulnerabilities in our nation’s critical infrastructure systems and networks, and by implementing solutions to improve cybersecurity-related risk analysis processes and assessment.
To kick off Cybersecurity Awareness Month, I’d like to spotlight some examples of the work that we have actively underway with and for CISA, as well as with international partners and other stakeholders, to ensure that our nation’s cyber systems and networks are protected from malicious actors.
The Cybersecurity Threats Technology Center – S&T’s Cybersecurity Threats Technology Center is supporting research to enhance the cybersecurity and resilience of our critical infrastructure. This research expands our knowledge of future threats, studies approaches to mitigating those threats, and aims to reduce risks so that our partners can plan to safely integrate and transition emerging technologies in the near future.
One effort that kicks off this month is the Shared Intelligence Resilience project, which will look at how artificial intelligence (AI) and machine learning can be leveraged to identify and mitigate vulnerabilities across distributed systems and organizations; privacy and confidentiality techniques that can increase the security of these mechanisms; and incentivization models that will encourage participation in collective cybersecurity frameworks.
Another one of S&T’s upcoming research initiatives focuses on countering adversarial use of AI in zero trust environments. This project will take a more model-based approach to quantifying what information is needed about cyber-physical-human systems to design intelligent attacks that are difficult to detect and may have significant cascading effects. We will investigate whether (or how) zero trust implementations can reduce susceptibility to these vulnerabilities and inform technology developers about these potential risks so they can build more secure critical infrastructure systems.
Evaluating Smartphone-based Identify Proofing Technologies – S&T’s Biometric and Identity Technology Center, in partnership with the Transportation Security Administration, the National Institute of Standards and Technology, Homeland Security Investigations Forensic Laboratory, and other federal agencies, is evaluating smartphone-based identity proofing technologies to assess how well these technologies can authenticate legitimate users and detect impostors.
Threat-focused Reverse Engineering – There are growing technological impacts of malicious cyber activities on the information technology (IT) systems and networks that our federal government relies on for essential operations. These systems face evolving and diverse cyberthreats ranging from unsophisticated hackers to professional malicious actors. Through S&T’s threat-focused reverse engineering research initiative, we are developing processes that will improve and automate existing malware analysis techniques. These processes will directly contribute to CISA’s ongoing efforts to develop strategies and tools that will enhance their threat prediction, recognition, identification, and mitigation capabilities.
Deception Orchestration Leveraging Opensource-Intel – S&T is developing tools to train IT analysts and increase their awareness of the tactics, techniques, and procedures that are utilized by malicious actors to gain access to secured critical information systems and networks. The goal: increase cybersecurity organizations’ ability to identify potential vulnerabilities and implement appropriate countermeasures to address any weaknesses and shield from attacks.
Risk Frameworks and Tools – S&T is developing frameworks and tools that will improve systematic risk analysis processes and produce timely assessments for decision support requests and other requests for information.
Seedling Idea Generation – This research initiative focuses on developing telemetry analytics designed to enhance protections around cloud computing systems. S&T is developing machine learning and deep learning analytics designed to detect new and/or variant attacks in cloud computing. This effort will provide CISA’s analysts with cutting-edge recommendations, analytics and response capabilities, and improve their visibility in the cloud environment.
International research and collaborative efforts in cyber and emerging technologies – S&T is conducting research, development, testing, and evaluation (RDT&E) to enable the transition of advanced cybersecurity technologies to DHS agencies. As part of this mission, we are executing international treaties and agreements with partners on a number of RDT&E programs that span DHS’ cybersecurity and emerging technology program areas. S&T’s global network of partners helps us build scientific capacity and accelerate solutions development – strengthening our capabilities, readiness, and resilience in the cyber domain.
S&T is engaging in information sharing and RDT&E with global partners in Europe, Asia, the Middle East, Oceania, and across North America. Some of our shared interests include cyber-physical interdependencies and security; homomorphic encryption; quantum computing and sensing; human-machine teaming; and software/hardware assistance.
One of our goals next year is to strengthen our partnerships with key allies in Europe and the Middle East. To leverage the Indo-Pacific region’s expertise on digital technologies and innovative approaches to DHS missions, S&T will expand cybersecurity partnerships with leading allies in this part of the world. We will also continue to conduct staff exchanges; participate in and lead multilateral workshops; and promote bilateral industry engagement with our colleagues around the globe.
As the internet and its associated technologies and utilities continue to evolve, ensuring our online safety has never been more important than it is right now. However, S&T and our partners are doing everything we can to ensure that we continue to rise to this challenge both today and in the future.
To stay up to date on our cyber-related R&D efforts, follow S&T’s social media accounts (@DHSSciTech) throughout the month of October.