As Cybersecurity remains a top priority through the Comprehensive National Cyber Initiative (CNCI), the Department of Homeland Security is pouring $40 million into cyber security research to “improve the security in both Federal networks and the larger Internet.”
The DHS Science and Technology Homeland Security Advanced Research Projects Agency (HSARPA) is seeking proposals for 14 areas of cybersecurity research, five of which will contribute to the CNCI, according to a Broad Agency Announcement posted on FedBizOpps.gov. The areas include traditional methods of security such as software assurance, enterprise-level security metrics, and network resiliency, as well as forward-thinking areas of making security more user friendly to worker productivity.
Topics also include areas of security that were exposed last year, such as tackling insider threats like the Wikileaks scandal. Also, creating modeling and analysis of Internet attacks from malware and botnets has become critical after the discovery of the Stuxnet worm last year, the RFP states.
HSARPA also aims to develop technology that respond to more contemporary security threats to ensure security being developed can meet future threats. Over the next 10 years, the CNCI research community hopes to equip new technologies with security in mind. "The only long-term solution to the vulnerabilities of today’s networking and information technologies is to ensure that future generations of these technologies are designed with security built in from the ground up," HSARPA said in its RFP.
To do this, the agency will invest in topics such as: cyber economics, the financial incentive for hackers to commit cyberattacks; digital provenance, which focuses on the journey of data from origin to consumer; and hardware-enabled trust, which aims to provide more security in computing hardware than exists today. Other areas include moving-target defense, nature-inspired cyber health, or creating “self-aware” systems that respond to threats inherently, and a software assurance marketplace for software creation, analysis, and testing.