1+2 MAS - Industry Day - Intro + CSD Overview.pdf
Mobile Application Security (MAS) Industry Day Slides and Q&A
Date Originally Posted
June 23, 2016, 9:32 a.m.
WELCOME
Mobile Application Security (MAS) Industry Day
June 9, 2016
@dhsscitech #CyberBAA
Presenter’s Name June 17, 2003

Industry Day Purpose
• Description of current DHS S&T Cyber Security Division (CSD) Program
• Presentation of Broad Agency Announcement (BAA)
• Presentation of Topics Areas (TTAs) for this Industry Day
• Industry Day provides opportunities for:
  (1) understanding S&T CSD’s requirements
  (2) asking Questions and getting Answers (FAQ)
  (3) finding partners

Logistics
• Solicitation Questions?
  • Please write your questions on the provided index cards (1 per TTA). We will collect your questions during the break or drop them off at the registration desk.
  • Q&A will be posted on FedBizOps hopefully within a week
• Restrooms: Are located in the Regency Ballroom Foyer
• Water Stations: Located in the back of the room
• Stay Connected! Follow @dhsscitech #CyberBAA on Twitter & Periscope

DHS S&T Cyber Security Division: An Overview
Homeland Security Advanced Research Projects Agency
Douglas Maughan, Division Director
June 9, 2016
http://www.dhs.gov/cyber-research

Cybersecurity National Action Plan
• Establishing a Commission on Enhancing National Cybersecurity on improving our privacy and public safety
• Creating a Federal Chief Information Security Officer to lead on cybersecurity oversight, policies, and strategy
• Establishing a $3.1 billion Information Technology Modernization Fund to retire, replace, and modernize legacy government IT systems
• Working with industry to encourage broader use of security tools like Multi-Factor Authentication

Federal Cybersecurity R&D Strategic Plan
• Requested by Congress in the 2014 Cybersecurity Enhancement Act to update and expand the 2011 plan, Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program
• Written in 2015 by an interagency working group for the National Science and Technology Council (NSTC) and the Networking and Information Technology Research and Development Program (NITRD)
• Considered input from the President’s Council of Advisors for Science and Technology (PCAST), an NSF RFI in May 2015, and DHS S&T community gatherings
• Released in February 2016 as a component of the President’s National Cybersecurity Action Plan (CNAP)

DHS and Cybersecurity
MISSION 4: SAFEGUARD AND SECURE CYBERSPACE
• Goal 1: Strengthen the Security and Resilience of Critical Infrastructure
• Goal 2: Secure the Federal Civilian Government Information Technology Enterprise
• Goal 3: Advance Law Enforcement, Incident Response, and Reporting Capabilities
• Goal 4: Strengthen the Ecosystem
  • Drive innovative/cost effective security products, services, and solutions in the cyber ecosystem;
  • Conduct and transition research and development enabling trustworthy cyber infrastructure;
  • Develop skilled cybersecurity professionals;
  • Enhance public awareness and promote cybersecurity best practices; and
  • Advance international engagement to promote capacity building, international standards, and cooperation.

RESEARCH REQUIREMENT INPUTS
• Departmental Inputs
• Interagency Collaboration
• White House and NSS
• Critical Infrastructure Sectors (Private Sector)
• State and Local
• International Partners
Cyber Security Division

CSD Mission & Strategy
REQUIREMENTS
CSD MISSION
• Develop and deliver new technologies, tools and techniques to defend and secure current and future systems and networks
• Conduct and support technology transition efforts
• Provide R&D leadership and coordination within the government, academia, private sector and international cybersecurity community
CSD STRATEGY
• Trustworthy Cyber Infrastructure
• Cybersecurity Research Infrastructure
• Network & System Security and Investigations
• Cyber Physical Systems
• Transition and Outreach
Stakeholders
• Government
• Venture Capital
• IT Security Companies
• Open Source
• International
Outreach Methods (Sampling)
• Technology Demonstrations
• Program Reviews
• Speaking Engagements
• Social Media
• Media Outreach

Trustworthy Cyber Infrastructure
Objective: Develop standards, policies, processes, and technologies to enable more secure and robust global cyber infrastructure and to identify components of greatest need of protection, applying analysis capabilities to predict and respond to cyber attack effects and provide situational understanding to providers
Secure Protocols
• Develop agreed-upon global infrastructure standards and solutions
• Working with IETF standards, routing vendors, global registries and ISPs
• Provide global Routing Public Key Infrastructure (RPKI) solutions
• Follow same process used for DNSSEC global deployment
Distributed Denial of Service Defenses (DDOSD)
• Policy-based technologies to shift the advantage to the defender
• Measurement/analysis tools to test success of BCP38 deployments
• Engaging with major finance sector companies and supporting ISPs
Internet Measurement and Attack Modeling (IMAM)
• Create more complete view of the geographical and topological mapping of networks and systems
• Improve global peering, geo-location, and router level maps to assist automated solutions for attack prevention, detection, response
• Support cross-org, situational understanding at multiple time scales

Research Infrastructure
Objective: Develop research infrastructure, such as test facilities, realistic datasets, tools, and methodologies to enable global cybersecurity R&D community researchers to perform at-scale experimentation on their emerging technologies with respect to system performance goals
Experimental Research Testbed (DETER)
• Researcher and vendor-neutral experimental infrastructure
• Used by 300+ organizations from 25+ states and 30+ countries - DARPA
• Used in 40+ classes, from 30 institutions and 3,000+ students
• Open Source code used by Canada, Israel, Australia, Singapore
Research Data Repository (PREDICT)
• Repository of over 700TB of network data for use by community
• More than 250 users (academia, industry, gov’t – NSA SBIR)
• Leading activities on ICT Research Ethics (e.g., Menlo Report)
• Opening up to international partners (JP, CA, AU, UK, IL, EU)
Software Assurance Market Place (SWAMP)
• A software assurance testing and evaluation facility and services
• Advance the quality and usage of SwA tools – commercial & open
• IOC – 2/1/14; 500+ assessments/week; 9 platforms; 5 SwA tools

Network and System Security and Investigations - 1
Objective: Develop new and innovative methods, services, and capabilities for the security of future networks and systems to ensure they are usable and security properties can be measured and provide the tools and techniques needed for combatting cybercrime
Security for Cloud-Based Systems
• Develop methodologies and technologies for cloud auditing and forensics in end-point devices
• Identify data audit methodologies to identify the location, movement, and behavior of data and Virtual Machines (VMs)
• Work with DHS CIO/CISOs and datacenters
Mobile Device Security
• Develop new approaches to mobile device security (user identity/authentication, device management, App security and management, and secure data) for government purposes
• Working with DHS CISO and across several components
Identity Management / Data Privacy
• Advance the identity management ecosystem to support Federal, state, local, and private sector identity management functions
• Develop data privacy technologies to better express, protect, and control the confidentiality of private information
• Working with DHS, other Federal, State, Local and Private Sector

Network and System Security and Investigations - 2
Objective: Develop new and innovative methods, services, and capabilities for the security of future networks and systems to ensure they are usable and security properties can be measured and provide the tools and techniques needed for combatting cybercrime
Software Quality Assurance
• Develop new methods and capabilities to analyze software and address the presence of internal flaws and vulnerabilities to reduce the risk and cost associated with software failures
• Develop automated capability to bring together independent software and system assessment activities
Usable Security and Security Metrics
• Improve the usability of cybersecurity technologies while maintaining security
• Develop security metrics and tools and techniques to make them practical and useful as decision aids for enterprise security posture
Investigation Capabilities for Law Enforcement
• Develop investigative tools/techniques for LE agencies to address the use of computers/phones in criminal and cyber related crimes
• Develop techniques and tools focused on detecting and limiting malicious behavior by untrustworthy insiders inside an organization
• Cyber Forensics Working Group – USSS, ICE, CBP, FBI, S/L

Cyber Physical Systems / Process Control Systems
Cyber Physical Systems Security (CPSSEC)
• Build security into the design of critical, smart, networked systems
• Gain better understanding of threats and system interactions
• Testing and validation of solutions in partnership with private sector
• Working with DoTrans and NPPD and Transportation Sector
Trustworthy Computing Infrastructure for the Power Grid (TCIPG)
• Improve the security of next-generation power grid infrastructure, making the underlying infrastructure more secure, reliable and safe
• 4 University consortium – UIUC, WSU, UC-Davis, Dartmouth
• Private sector advisory board provides reqmts and transition path
• Partnership with DOE-OE and Universities
Securing the Oil and Gas Infrastructure (LOGIIC)
• Conduct collaborative RDT&E to identify and address sector-wide vulnerabilities in oil and gas industry digital control systems
• All R&D projects identified and funded by private sector members
• CSD provides project mgmt. support and inter-sector support
Objective: Ensure necessary security enhancements are added to the design and implementation of ubiquitous cyber physical syst