5 game-changing ideas for federal cyber R&D

 

Connecting state and local government leaders

The Comprehensive National Cybersecurity Initiative asked for ideas to transform the cyber infrastructure and found five areas with real potential.

Included among the 12 initiatives of Homeland Security Presidential Directive 23/National Security Presidential Directive 54, popularly known as the Comprehensive National Cybersecurity Initiative, was the "Leap-Ahead R&D & Coordination" initiative.

As the title implied, this CNCI initiative was intended to kick-start research and development efforts in game-changing cyber technologies. Now known as the National Cyber Leap Year (NCLY) initiative, the official charge is "to transform the cyber infrastructure so that critical national interests are protected from catastrophic damage and our society can confidently adopt new technological advances."

The initiative is intended to develop strategies and programs to enhance the component of government research (unclassified as well as classified) and development portfolio by involving public, private and academic research communities to help solve difficult problems that require “out of the box” thinking.


Listen to an ISC(2) podcast on federal cyber R&D.


The White House Office of Science and Technology Policy and the Networking and Information Technology R&D Program Senior Steering Group kick-started their efforts by asking the research community for technical proposals to plausible changes to the current cybersecurity landscape.

More than 200 responses were submitted to three “requests for input.” The responses were then synthesized, resulting in the following five categories that demonstrate game-changing potential:

1. Digital Provenance — basing trust decisions on verified assertions.

2. Moving-target Defense — attacks only work once if at all.

3. Hardware-enabled Trust — knowing when we’ve been had.

4. Health-inspired Network Defense — move from forensics to real-time diagnosis.

5. Cyber Economics — crime doesn’t pay.

According to the NCLY Program Development Framework, summaries of these five game-changers are:

1. Digital Provenance — basing trust decisions on verified assertions.

As the definition implies, this game-changer seeks to reduce the energy expended in discovering whether to trust digital objects for any intended purpose. The technological manifestations of this could include: Caller ID for e-mail, application whitelisting, authoritative patching, cyber Identification Friend or Foe, anonymity-preserving credentials, and adaptive trust policies.

The urgency of this game-changer is to address the growing clamor for the basic security guarantees fundamental to e-commerce. Many of the technical building blocks for Digital Provenance are in-place: cryptography as the core enabler, mechanisms for signing and binding metadata to content, public-key infrastructures, e-mail directory constructs, and digital rights management.

2. Moving-Target Defense — attacks only work once if at all.

Currently attackers are winning the cyberspace battle by taking advantage of the relatively static nature of our systems. This game-changer proposes a new tactic where we win by increasing the randomness or decreasing the predictability of our systems.

Technological manifestations include: nonpersistent environments, randomized execution of code, utility computing decoupled from enterprise data assets, randomized network and host identities, randomizing compilers, dynamic address spaces, and adopting new technology faster than bad guys can figure out flaws.

There are several enabling environmental factors for this game-changer including the following: virtualization has moved from the server to the desktop, reducing start-up costs; multicore processors are ubiquitous; cloud computing emerging; need to integrate new functionality faster than it can be secured. The technical underpinnings are mostly in place across industry and include fault tolerance enabled by multiple cores; decade of experience with virtualization; hardware supports for virtualization in Intel chip set; mature research in avoiding memory-based attacks.

3. Hardware-Enabled Trust — knowing when we’ve been had.

Since current machines have no way to notify us that they have been compromised, we are faced with the difficulty of having to deploy impregnable systems. Hardware-enabled trust would allow us to persistently monitor our assets for changes in trustworthiness by embedding tamper-resistant roots of trust in the architecture.

The technological manifestations could include: trusted boot, Trusted Platform Module-enabled applications, measurement and attestation, and integrity-breach alarms. Several enabling environmental factors exist for this game-changer to include: the fact that most modern PCs now have a trusted execution chip set; root-kit detection is not very robust and the attack is commonplace; Trusted Computing Group has a wide set of members.

In addition, the following technical considerations are also enhancers: TCG ideas are good and have government expertise inside; Intel has put a lot of work into the TPM and other hardware supports for trust; encouraging advancements in field-programmable gate arrays.

4. Health-Inspired Network Defense — move from forensics to real-time diagnosis.

Currently, weeks and months can elapse before successful network penetrations are detected through laborious forensic analysis. This game-changer would allow network components to have a heightened ability to observe and record what is happening to and around them.

The technological manifestations could include: the ability to automatically detect denial of service attacks, the ability to find and stop propagation of botnets, and the ability to support user intent. The technical environment is an enabler from the following perspectives: with the spread of virtualized desktops and cloud computing, the network boundary itself is now virtual; hardware switches and routers will increasingly utilize software mechanisms, completely opening up the previously ossified world of network protocols to redesign; there is room for both old and new protocols to co-exist.

5. Cyber Economics — crime doesn’t pay.

Currently, both cyber crime and cyber espionage are quite lucrative and very attractive because the cost to engage in them is very small compared to the return on investment. This idea seeks to even the odds and make cyber malefactors take more risk at a lower rate of return.

Manifestations include: the theory of cyber risk markets, incentives, disincentives and value chains; market alignment; key value chain points where cost should be introduced; and the impact of immediate law enforcement at key points. The urgency is immediate, as cyber crime losses are reaching intolerable levels. The enabling technical underpinnings include the recent advancements in attribution and forensics, and better understanding of patterns of illicit actions and behaviors.

In closing, federal chief information security officers should take tremendous comfort, if not be outright excited, about the possibilities once these NCLY game-changers are brought to fruition.

Being able to support the core-mission, essential functions of our respective federal agencies by having technologies that facilitate trust-based decisions on verified assertions — operating in large heterogeneous IT environments where attacks work only once, if at all — and having the capability to be notified in real-time of successful attacks because we’ve moved our cyber operations model from forensics to real-time diagnosis equipped with the a diminished cyber economic landscape, would be “near nirvana” for not just federal CISOs but the overall CISO community.



 

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.