DHS sets its cyber R&D goals

Growing cybersecurity threats prompt DHS to seek quick turnaround on cyber research

Science & Technology Directorate’s broad agency announcement

Related Links

The federal government has sounded an alarm about increasing cybersecurity threats to the country’s critical infrastructure. But rather than wait for industry to develop the necessary security technology, Homeland Security Department officials say they plan to find, fund and push potentially ground-breaking software into the commercial market.

A broad agency announcement published by DHS’ Cyber Security Research and Development Center May 17 asks for industry proposals that, within three years, could produce commercial technologies to protect against computer security threats.

DHS published a list of research and development challenges that DHS’ internal and external customers believe are the right priorities for dealing with the near-term and longer-term threats they face, said Douglas Maughan, program manager for cybersecurity research at DHS’ Science and Technology Directorate.

“We strongly recommend that people making proposals come to the table with their own technology and transition partners already onboard,” Maughan said. Proposals will be evaluated on that basis, he said.

The announcement states that plans to transition the technologies to the open-source community are acceptable.

Based on past experience, Maughan said, probably about 20 percent of the research white papers that DHS receives in response to the announcement could lead to full R&D proposals for programs lasting three years.

How much funding DHS will have to support new cyber R&D is uncertain. Maughan said DHS has $4.5 million for funding programs in fiscal 2007. But subsequent appropriations will determine the amount in the future. The House Appropriations Committee’s Homeland Security Subcommittee approved $777 million in fiscal 2008 funding for the Science and Technology Directorate, a $22 million decrease compared with the president’s request.

Purdue University professor Eugene Spafford, a computer security expert and member of the President’s Information Technology Advisory Committee, said several areas on DHS’ research agenda are worthy. However, he said, the list of research priorities appears to address near-term problems instead of bigger challenges.

“This announcement is not trying to grow the enterprise by looking to what is coming next, at System X problems,” Spafford said. “It’s really looking more at fixing what problems exist now.”

None of the research areas listed in the announcement are blind alleys, and they are certainly areas of need, Spafford said.  He added that many other research challenges are of equal if not greater importance.

“DHS should be one of the agencies taking the lead in [cybersecurity] research,” Spafford said. “If you speak to the military, for example, they are relying on DHS to provide protection for the infrastructure they have to deal with to do their jobs, but they feel nothing is being done about it.”

Agencies such as the National Science Foundation support meaningful cybersecurity research, Spafford said. But, he added, those efforts are underfunded, which makes DHS’ programs all that more important.

Maughan said DHS’ research efforts are aimed at achieving nearly immediate returns. “That’s the DHS mission,” he said. “We aren’t the NSF.”

DHS has requested submissions of white papers by June 27. DHS will invite those who provide papers that meet its requirements to submit full proposals by Sept. 17.
DHS publishes its cyber research agendaThe Homeland Security Department issued a request for preliminary research and development proposals to address nine cybersecurity challenges, which it identified as:
  • Botnet and other malware detection and mitigation.
  • Scalable secure systems.
  • Cybersecurity metrics.
  • Network data visualization for information assurance.
  • Internet tomography and topography.
  • Routing security management.
  • Process control systems security.
  • Data anonymization tools and techniques.
  • Insider threat detection and mitigation.

— Brian Robinson

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.


  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group