Special Section: breaking news from SINET's Innovation Summit (our regular summary appears below)
Solving the research transition problem: Dr. Douglas Maughan, Director of Cyber Security at the Department of Homeland Security's Science and Technology (S&T) Directorate, spoke with the CyberWire this morning about organizing research in ways that facilitate transition to operational systems. He'll be moderating the Innovation Summit's panel on "Research Collaboration Models that Work" tomorrow afternoon.
Federal science and technology programs often find it difficult to move the results of research to the end users on whose behalf it's conducted. The challenge of transition is familiar to anyone involved with S&T, but Maughan believes the Department of Homeland Security (DHS) has found some workable models that overcome many of these problems.
In general, DHS S&T finds that involving prospective end-users in defining problems, setting requirements, and funding some of the research (and test and evaluation) has greatly eased transition problems. Posing user-informed challenges to researchers and offering them early adopters for their products have done a great deal to channel research into eventual operational use. Maughan describes three successful public-private engagement models:
- LOGIIC (Linking the Oil and Gas Industry to Improve Cyber Security). In this program, companies in the oil and gas sector fund research; DHS S&T funds administration and management. The industry partners, via an agreement with the Automation Federation, pose cyber security challenges, then decide which research projects will receive support. This collaborative agreement is structured to avoid the anti-trust issues that often inhibit private-sector cooperation. LOGIIC is a unique public-private partnership that brings five major oil and gas competitors together to work with government on the development and distribution of cybersecurity solutions for protecting the industry's critical infrastructure.
- Industry-University Research Consortium. A joint National Science Foundation and DHS S&T program, the consortium is housed in Ball State University's Security and Software Engineering Research Center. A dozen universities participate in addition to the private sector. Government agencies and private companies identify research challenges, universities propose research projects to address them, and the agencies and companies select the proposals to fund. The university performers tend to be highly capable institutions willing to focus on practical, hands-on operational solutions they can deliver in the near term.
- TCIPG (Trustworthy Cyber Infrastructure for the Power Grid). Hosted by the University of Illinois at Urbana-Champaign, this consortium brings together DHS, the Department of Energy, Dartmouth, Cornell, the University of California, Davis, and Washington State. Funding is provided by the government and the universities themselves, but a key element of the program's success is the contribution of its advisory board: some four hundred owners, operators, and vendors in the electrical power sector who collaborate with the university researchers. The advisory board's members, again, set the research challenges and agree to act as early adopters of TCIPG technologies.
Maughan stresses the importance of a technology's ultimate users setting its research requirements. He notes the importance of intelligence in shaping those requirements. "We're not surprised by the claims made last week at Black Hat, and that critical infrastructure is of interest to attackers," he says. "We're interested in it from the defensive point of view. And we find that the technologies and techniques developed to defend control systems in the power sector have implications across critical infrastructures — some are using the same technologies — that can be of benefit to other infrastructure sectors. Tools developed to protect oil and gas infrastructure, for example, tend to be applicable to other infrastructures as well."
We'll be covering Dr. Maughan's panel tomorrow, along with the rest of the SINET Innovation Summit.
Today's regular daily summary starts here.
THE CYBERWIRE (Monday, August 5, 2013) — Airports in Istanbul were hacked earlier this month; over the weekend the Indian Customs website for Indira Gandhi International Airport in Mumbai suffered defacement by a Pakistani hacktivist.
US diplomatic facilities in the Middle East and North Africa remain closed on the basis of threat intelligence emerging from "an intercepted message among senior al Qaeda operatives."
Many Tor Network sites disappeared over the weekend as the US FBI took down child pornographers organized around Freedom Hosting. The operation is interesting in that it appears to have used a Firefox zero day to breach Tor anonymity.
A researcher demonstrates an Android app that can steal login credentials by exploiting Google's one-click authentication. Analysts forecast trouble in the emerging "app economy."
In unrelated news, Google warns webmasters against inserting pages into a browser's history. The warning, which strongly reiterates earlier cautions, suggests that the deceptive practice is becoming more widespread, and troublesome.
XKeyscore receives more attention, some of it breathless (uncharacteristically so from Naked Security—troublesome or not, a tool's existence is hardly a closely held secret when it appears liberally on job boards, ads, LinkedIn resumes, etc.).
Dell SecureWorks says it's fingerprinted "Beijing Group" industrial espionage. Huawei hits back at DCI emeritus Hayden's allegations of spying. Lenovo stays in the Western doghouse over similar allegations as governments and companies struggle to come to grips with a globalized supply chain.
Congress continues to weigh electronic surveillance policy. GCHQ receives its own unwanted scrutiny. Germany limits information sharing with the US and UK.
Today's edition of the CyberWire reports events affecting China, Germany, India, Ireland, Pakistan, Russia, Thailand, the United Kingdom, and the United States.
The CyberWire is published daily, Monday through Friday, except for US holidays. Format and summary copyright Pratt Street Media LLC.
Dateline New York: the latest on SINET's Innovation Summit
Some background to tomorrow's panel on "Research Collaboration Models that Work":