Cybersecurity

Peering into the cyber future

Shutterstock image: cyber eye.

The intelligence community’s R&D arm wants industry researchers to predict cyberattacks rather than just respond to them.

Existing cyber defense methods such as signature-based detection "haven't adequately enabled cybersecurity practitioners to get ahead of these threats," said Robert Rahmer, a program manager at the Intelligence Advanced Research Projects Activity. "So this has led to an industry that's really invested heavily in analyzing the effects or symptoms of cyberattacks instead of analyzing [and] mitigating the cause."

Rahmer leads IARPA's Cyber-attack Automated Unconventional Sensor Environment (CAUSE) program, which will fund what the organization calls "unconventional" techniques for predicting cyberattacks.

Among the technology possibly cultivated by the CAUSE program are tools to harvest big data and models for threat forecasting. "Successful proposers will combine cutting-edge research with the ability to develop robust forecasting capabilities from multiple sensors not typically used in the cyber domain," says an IARPA description of the CAUSE program.

CAUSE’s goal is to use automated methods to detect cyber threats "hours to weeks earlier" than current methods, Rahmer said. Detection time has been an issue in cyberattacks affecting federal agencies. It was reportedly months before U.S. Investigations Services, formerly the government’s top security-clearance contractor, noticed hackers had breached the firm’s computer networks.

Rahmer expects IARPA to issue a broad agency announcement for the CAUSE program by the end of fiscal 2015. Proposals will be evaluated based on the timeliness and level of detail of their warnings of cyberattacks, he said. The technology produced by the CAUSE program could be made available to intelligence agencies and the private sector, he added. Rahmer declined to say how much money is allocated for the program.

IARPA held a proposers day Jan. 21 that Rahmer said was attended by about 150 people from industry and academia. One of a handful of initial proposals for the program comes from R&D nonprofit Battelle, which is looking to further develop software that collects and analyzes media to model adversaries' online behavior. Battelle’s goal is to strip away the anonymity relied on in the dark corners of the Internet.

The start of the CAUSE program comes as the intelligence community moves to dedicate new resources to cybersecurity. CIA Director John Brennan on March 6 announced the agency would create a cyber directorate to boost the "integration of our digital and cyber capabilities across all of our mission areas." Last month, the White House established a cyber-threat agency, to be housed at the Office of the Director of National Intelligence, to fuse intelligence to give agencies a clearer view of cyber-threat patterns.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


The Fed 100

Read the profiles of all this year's winners.

Featured

Reader comments

Mon, Mar 9, 2015 FMJohnson

Here is a blog post by my CSO/CTO from a year ago on this subject. Given the weather we've had this winter, the theme is still pretty apt. Cybersecurity is like a snowstorm, or not. By Rick Tracy 02/11/2014 When the forecast for a snowstorm -- or a cyber event -- ranges between nothing and a disaster, it isn't really a forecast at all. It is a bad guess. http://multimedia.telos.com/blog/cybersecurity-is-like-a-snowstorm-or-not

Sun, Mar 8, 2015 June. Klein New York City

Paythru's clients are real estate asset iwners of train stations, airports, car malls and merchant tenants if these locations. We are PCI DSs Level 1 v3 compliant, have tokenization and other security protections. Is there any funding available to further enhance our mobile marketing and m-payments platform? Our Eurorail client using our centralized interactive app has 4,5 million per year shoppers, tourists, commuters traveling through location.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group