08 Oct 14. Groups Named For First Federally Funded Cybersecurity Research Center. With cyber attacks being volleyed at U.S. infrastructure daily, government, the National Cybersecurity Center of Excellence (NCCoE) has awarded the first federally-funded research and development center (FFRDC) contract designed specifically to enhance the nation’s cybersecurity. The new FFRDC, part of the National Institute of Standards and Technology’s (NIST) NCCoE, will be managed by non-profit MITRE Corp. with assistance from the University System of Maryland (USM), which includes campuses in College Park (UMCP) and Baltimore County (UMBC).
“This really is demonstrative of a new day,” UMCP Assistant Vice-President for Research and Development Eric Chapman said. “Cybersecurity as an industry is still relatively youthful and nascent, there aren’t any common practices. Without neutral third party leadership we couldn’t set up those best practices.”
The group will be pulling together best practices and security strategies intended to work across platforms.
“We’re going to favor the standards and technologies that are low-cost and scalable,” Chapman said.
“The hope is, as a neutral party, we can help design security solutions across industry verticals that don’t have any bias toward specific companies or software types,” said Dr. Anupam Joshi, director of UMBC Center for Cybersecurity and professor of computer science and electrical engineering. The group plans to work with commercial stakeholders, government and academia to set their ever-changing agenda.
“The idea that the user community helps identify the key verticals,” Joshi explained. “Then, the academic leadership and research staff and user community as a whole starts to identify the verticals, off-the-shelf options and the gaps, as well as the gaps where more research has to be done.”
“The main goal is really to bring stakeholders in the tech sectors and academia together,” according to Dr. Joseph JaJa, who holds a joint appointment in the Department of Electrical and Computer Engineering and the University of Maryland Institute for Advanced Computer Studies (UMIACS). “Cybersecurity is a very fast moving target. We’re going to try to bring to bear some of these new technologies as needed.”
MITRE’s team of 40 scientists and researchers will be bringing that information together to propagate real-world solutions.
“A day doesn’t go by that there isn’t word of some breach,” MITRE Senior Vice-President and Chief Security Officer Gary Gagnon said. “This is a way to deal with some of these cybersecurity problems and supply tangible results you can use.”
While NIST’s NCCoE will set the agenda, the center will be looking to the private sector to help identify the major challenges.
“We’re looking to help the private sector solve problems,” Gagnon said. “This is industry-directed solutions to industry problems, with the government acting as a catalyst.”
Cybersecurity is “very challenging and changing all the time,” JaJa said. “A collaboration between government, industry and academia is the best way.”
The research center plans to hit the ground running, according to Joshi and JaJa. A set of practice guides should be available within a year and a half.
“We’re trying to define best practices for a whole sector,” JaJa said. The public “should expect results within 16-18 months or earlier, but we need to be very inclusive … NIST doesn’t want to be seen as choosing winners and losers.”
“This is not a cold start,” Gagnon agreed, noting that MITRE’s team has been at the NCCoE last week and this week “getting up to speed on activities already underway.” (Source: Defense News)
09 Oct 14. Tech groups warn over US online snooping. Leaders at two top tech security firms have warned that American businesses are being hurt by concerns about US online surveillance in Europe and the growing “Balkanisation” of the internet in the wake of Edward Snowden’s disclosures.
“You can feel this Balkanis