Government cyber security programs mandated to go commercial

DHS initiative seeks to 'leap frog' government technology advances into the private sector


Recent congressional hearings have called attention to the need for better cooperation between government agencies and the private sector. An excellent example of how to fulfill that goal of successful public/private partnerships is demonstrated by the work of the Transition to Practice Program (TTP) at the Department of Homeland Security (DHS) Science & Technology (S & T) Directorate.

TTP was created as a result of the White House’s Federal Cybersecurity R & D Strategic Plan as well as the Comprehensive National Cybersecurity Initiative (CNCI). The mandate of TTP is to move promising cybersecurity technologies developed under Department of Energy (DOE) National Labs and Federal Funded Research & Development Centers (FFRDC’s) into the private sector for further development. TTP is a program of collaboration and operates under the Cyber Security Division (CSD) of S & T.

CSD works closely with the Commercialization Office which was established in 2008. The Commercialization Office has compiled a listing of over 2,000 technologies, products, and/or services that may have alignment with DHS (and other agencies) needs. CSD and the Commercialization Office maintain a strong focus on fulfilling the technology needs for critical infrastructure/key resource owners, border security, transportation security, and first responders. CSD involvement is in the full spectrum cycles of the cybersecurity landscape; research, development, testing, evaluation, and transition.

According to the DHS “Cyber Security Division Transition to Practice Technology Guide,” several focus areas cover the critical vulnerability and cybersecurity landscape of the directorate. These include:

  • Internet infrastructure security
  • Critical infrastructure/key resources
  • National research infrastructure
  •  Leap-ahead technologies
  • Cyber security education
  • Identity management
  • Cyber forensics
  • Software assurance

There are many important cybersecurity capabilities that have resulted directly from the S & T Directorate’s work with industry. These include:

  • Domain Name System Security (DNSSEC) that addresses denial-of-service (DNS) weaknesses and Domain Name System Security Secure Signer to protect web transactions and online communications.
  • Secure Ironkey USB Drives for secure web browsing, end-point security and protection against malicious software-related threats.
  • Protected Repository for the Defense of Infrastructure against Cyber Threats (PREDICT) to provide privacy-protected operational network traffic datasets for cybersecurity research and development. 
  • DHS Secure Wireless Access Prototype (DSWAP) for secure wireless access solutions for layered defense on protected networks. 
  • Other successful technologies and projects that have migrated to operational use both in public and private sectors included Botnet detection and mitigation technology, Data Visualization Tools, Active Malware Protection, and Rootkit Detection and Mitigation technology.

In DHS's S & T formal cyber program structure, preparation for meeting rapidly evolving next-generation threats has made the “leap-ahead technologies” a focus area of priority. Rapid proto-typing, and transitioning; showcasing, and providing assistance in commercializing technologies has become important tasks. As a result, the private sector’s role as a partner has been elevated and the Transition to Practice Program (TTP) has garnered notice and appreciation.

A primary role for TTP is to share their capabilities and promise with the private sector, other government agencies, and academia by identifying through technology foraging at the DOE National Labs and FFRDCs. TTP is committed to outreach, especially with small business.

The TTP will showcase eight new innovative cybersecurity technologies developed by the DOE National Labs in October. Those labs are the backbone of the nation’s scientific and development research for national security resources and produce cutting edge ideas and inventions. The ability for the private sector to invest, co-develop and integrate innovative technologies into the cybersecurity marketplace will significantly impact progress in threat deterrence and mitigation.

This content continues onto the next page...