View from Arch Street

The 2019 Federal Cybersecurity Research and Development Strategic Plan was released by the National Science and Technology Council on December 10, 2019.  The new plan supersedes the 2016 strategic plan and aims to coordinate and guide federally funded R&D in cybersecurity, including development of consensus-based standards and best practices. The 2019 Plan identifies four interrelated defensive capabilities (deter, protect, detect, and respond) and six priority areas for cybersecurity R&D (artificial intelligence, quantum information science, trustworthy distributed digital infrastructure, privacy, secure hardware and software, and education and workforce development) as the focusing structure for Federal cybersecurity R&D activities and investments to benefit the Nation.

The federal government invests approximately $150 billion each year in R&D conducted at federal laboratories, universities, and other research organizations. For the United States to maintain its position as the global leader in innovation, bring products to market more quickly, grow the economy, and maintain a strong national security innovation base, the President’s Management Agenda includes the Lab-to-Market Cross-Agency Priority (CAP) goal to improve the transfer of federally-funded R&D from discoveries in the lab to impact on the marketplace.

The National Academy of Science, Engineering & Medicine (NASEM) Government-University-Industry Research Roundtable (GUIRR) will host a webinar on October 24th at 1:00 pm ET to discuss recent actions across the federal government to accelerate innovation from lab to market.  Co-led by the White House Office of Science and Technology Policy (OSTP) and the National Institute of Standards and Technology (NIST), agencies across the Federal government are coordinating to accelerate innovation through five key strategies:

1. Reduce regulatory impediments and administrative barriers in Federal technology transfer policies and practices.
2. Increase engagement with private sector technology development experts and investors.
3. Build a more entrepreneurial R&D workforce.
4. Support innovative tools and services for technology transfer.
5. Improve understanding of global science and technology trends and benchmarks.

Cornell professor Frank Rosenblatt’s prescient research into artificial intelligence in the 1950s and 60s was decades ahead of it’s time. A version of Rosenblatt’s perceptron computer is in the Smithsonian and is now recognized as the first neural network
— Read on news.cornell.edu/stories/2019/09/professors-perceptron-paved-way-ai-60-years-too-soon

The National Cybersecurity Center of Excellence (NCCoE) at NIST has published a draft practice guide — Energy Sector Asset Management— to enhance the energy sector’s asset management capabilities for operational technology (OT). This project includes a reference design and uses commercially available technologies to develop an example solution that will help energy organizations address the security challenges of OT asset management.

Vulnerabilities in OT assets present opportunities for malicious actors to cause disruptions and power outages. To properly assess cybersecurity risk within the OT network, energy companies must be able to identify all their assets, especially the most critical.

This project describes methods for managing, monitoring, and baselining assets and also includes information to help identify threats to these OT assets. The resulting Cybersecurity Practice Guide documents the practical steps required to implement a cybersecurity reference design that addresses this challenge.

The DARPA CREATE program is investigating new approaches for autonomous teaming of physically distributed groups of AI enabled systems (multi-agent systems) when there is limited opportunity for centralized coordination.
— See: www.fbo.gov/index

The Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) will host a Cybersecurity Summit on September 18-20, 2019 in National Harbor, MD. The event will provide a forum on current cybersecurity topics including emerging technologies, vulnerability management, incident response, risk mitigation, and other key issues. It will also allow for Federal, state, local, tribal, and territorial agencies, as well as private sector organizations, to highlight successes and opportunities for collective action in securing cyberspace.