Editor’s note: This post by Charles Brooks focuses on an area of importance to not just the federal enterprise but to the larger cyber security community. -bg
Recent Congressional Hearings have called attention to the need for better cooperation between government agencies and the private sector. An excellent example of how to fulfill that goal of successful public/private partnerships is demonstrated by the work of the Transition to Practice Program (TTP) at the Department of Homeland Security (DHS) Science & Technology (S & T) Directorate.
TTP was created as a result of the White House’s Federal Cybersecurity R & D Strategic Plan as well as the Comprehensive National Cybersecurity Initiative (CNCI). The mandate of TTP is to move promising cybersecurity technologies developed under Department of Energy (DOE) National Labs and Federal Funded Research & Development Centers (FFRDC’s) into the private sector for further development. TTP is a program of collaboration and operates under the Cyber Security Division (CSD) of S & T.
CDC works closely with Commercialization Office which was stood up in 2008. The Commercialization Office has compiled a listing of over 2,000 technologies, products, and/or services that may have alignment with DHS (and other agencies) needs. CDC and the Commercialization Office maintain a strong focus on fulfilling the technology needs for critical infrastructure/key resource owners, border security, transportation security, and First Responders. CDC involvement is in the full spectrum cycles of the cybersecurity landscape; research, development, testing, evaluation, and transition.
According to the DHS “Cyber Security Division Transition to Practice Technology Guide” several focus areas cover the critical vulnerability and cybersecurity landscape of the Directorate. These include: 1) Internet Infrastructure Security; 2) Critical Infrastructure/key Resources; 3) National Research infrastructure; 4) Leap-Ahead technologies; 5) Cyber security Education; 6) Identity management; 7) Cyber Forensics; and 8) Software Assurance.
There are many important cybersecurity capabilities that have resulted directly from the S & T Directorate’s work with industry. These include Domain Name System Security (DNSSEC) that addresses Denial of Service (DNS) weaknesses and Domain Name System Security Secure Signer to protect web transactions and online communications. Secure Ironkey USB Drives for secure web browsing, end-point security and protection against malicious software-related threats. Protected Repository for the Defense of Infrastructure against Cyber Threats (PREDICT) to provide privacy-protected operational network traffic datasets for cybersecurity research and development. DHS Secure Wireless Access Prototype (DSWAP) for secure wireless access solutions for layered defense on protected networks. Other successful technologies and projects that have migrated to operational use both in public and private sectors included Botnet detection and mitigation technology, Data Visualization Tools, Active Malware Protection, and Rootkit Detection and Mitigation technology.
In S & T DHS formal cyber program structure, preparation for meeting rapidly evolving next-generation threats has made the “leap-Ahead Technologies” a focus area of priority. Rapid proto-typing, and transitioning; showcasing, and providing assistance in commercializing technologies has become important tasks. As a result, the private sector’s role as a partner has been elevated and the Transition to Practice Program (TTP) has garnered notice and appreciation.
A primary role for TTP is to identify through technology foraging at the DOE National Labs and FFRDC’s and share their capabilities and promise with the private sector, other government agencies, and academia. TTP is committed to outreach, especially with small business. Next month (October) TTP event showcases will showcase eight new innovative cybersecurity technologies developed by the DOE National Labs. Those labs are the backbone of the nation’s scientific & development research national security resources and produce cutting edge ideas and inventions. The ability for the private sector to invest, co-develop and integrate innovative technologies into the cybersecurity marketplace will significantly impact progress in threat deterrence and mitigation.
The TTP Program is a resource for industry and communication is encouraged. The TTP program is coordinated by Douglas Maughan, DHS S & T Cyber Security Director and Michael Pozmantier, DHS S & T Cyber Security Program Manager. The office can be reached at ST.TTP@hq.dhs.gov.
It would be worthwhile to expand the DHS Science & Technology Director model of “leaping ahead” across agencies in the federal government to encourage a new era of public/private sector collaboration. The best is technology development and commercialization is yet to come.
Charles (Chuck) Brooks serves as vice president/client executive for DHS at Xerox. He has served as the first director of legislative affairs for the DHS science and technology directorate, where he was responsible for advocacy for the directorate on Capitol Hill. Brooks has been an adjunct faculty member at Johns Hopkins University, and has previously spent six years on Capitol Hill as a senior advisor to the late Senator Arlen Specter. He also served as President of Brooks Consulting International, leveraging extensive experience in executive management, government relations and R&D in the public and private sectors. He can be reached at: www.linkedin.com/in/chuckbrooks/