DHS sets its cyber R&D goals

Growing cybersecurity threats prompt DHS to seek quick turnaround on cyber research

Science & Technology Directorate’s broad agency announcement

Related Links

The federal government has sounded an alarm about increasing cybersecurity threats to the country’s critical infrastructure. But rather than wait for industry to develop the necessary security technology, Homeland Security Department officials say they plan to find, fund and push potentially ground-breaking software into the commercial market.

A broad agency announcement published by DHS’ Cyber Security Research and Development Center May 17 asks for industry proposals that, within three years, could produce commercial technologies to protect against computer security threats.

DHS published a list of research and development challenges that DHS’ internal and external customers believe are the right priorities for dealing with the near-term and longer-term threats they face, said Douglas Maughan, program manager for cybersecurity research at DHS’ Science and Technology Directorate.

“We strongly recommend that people making proposals come to the table with their own technology and transition partners already onboard,” Maughan said. Proposals will be evaluated on that basis, he said.

The announcement states that plans to transition the technologies to the open-source community are acceptable.

Based on past experience, Maughan said, probably about 20 percent of the research white papers that DHS receives in response to the announcement could lead to full R&D proposals for programs lasting three years.

How much funding DHS will have to support new cyber R&D is uncertain. Maughan said DHS has $4.5 million for funding programs in fiscal 2007. But subsequent appropriations will determine the amount in the future. The House Appropriations Committee’s Homeland Security Subcommittee approved $777 million in fiscal 2008 funding for the Science and Technology Directorate, a $22 million decrease compared with the president’s request.

Purdue University professor Eugene Spafford, a computer security expert and member of the President’s Information Technology Advisory Committee, said several areas on DHS’ research agenda are worthy. However, he said, the list of research priorities appears to address near-term problems instead of bigger challenges.

“This announcement is not trying to grow the enterprise by looking to what is coming next, at System X problems,” Spafford said. “It’s really looking more at fixing what problems exist now.”

None of the research areas listed in the announcement are blind alleys, and they are certainly areas of need, Spafford said.  He added that many other research challenges are of equal if not greater importance.

“DHS should be one of the agencies taking the lead in [cybersecurity] research,” Spafford said. “If you speak to the military, for example, they are relying on DHS to provide protection for the infrastructure they have to deal with to do their jobs, but they feel nothing is being done about it.”

Agencies such as the National Science Foundation support meaningful cybersecurity research, Spafford said. But, he added, those efforts are underfunded, which makes DHS’ programs all that more important.

Maughan said DHS’ research efforts are aimed at achieving nearly immediate returns. “That’s the DHS mission,” he said. “We aren’t the NSF.”

DHS has requested submissions of white papers by June 27. DHS will invite those who provide papers that meet its requirements to submit full proposals by Sept. 17.
DHS publishes its cyber research agendaThe Homeland Security Department issued a request for preliminary research and development proposals to address nine cybersecurity challenges, which it identified as:
  • Botnet and other malware detection and mitigation.
  • Scalable secure systems.
  • Cybersecurity metrics.
  • Network data visualization for information assurance.
  • Internet tomography and topography.
  • Routing security management.
  • Process control systems security.
  • Data anonymization tools and techniques.
  • Insider threat detection and mitigation.

— Brian Robinson

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.