Risk
3/15/2011
03:08 PM
Connect Directly
RSS
E-Mail
50%
50%

DHS Seeks Cybersecurity Help from Engineers, Scientists

Department of Homeland Security Secretary Janet Napolitano said the agency wants to collaborate with experts in various fields to help it tackle security and managing the flow of information.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters

The Department of Homeland Security (DHS) is seeking help from the private sector -- including experts from the engineering and science fields -- to help it solve a series of problems related to cybersecurity and the immense flow of information the department deals on an every-day basis.

Speaking at the Massachusetts Institute of Technology (MIT) this week, DHS Secretary Janet Napolitano said that it will take more than the work of the department and its IT team to solve the problems of the varied work the DHS is doing to secure borders and U.S. critical infrastructure, among other tasks. Her remarks are available online.

"At DHS, we are constantly asking and trying to answer some important questions: How do we keep travel and trade flowing across borders while at the same time enhancing security? How do we secure our nation's critical infrastructure when the vast majority of it is in private hands?" she said. "The answers to many of these questions involve harnessing science and technology to better meet our homeland security needs."

Perhaps more than any other agency, the DHS must work with myriad partners in both local and state governments as well as the private sector to accomplish its mission.

Particularly in the area of cybersecurity, the agency has set up partnerships through a series of fusion centers and joint terrorism task forces around the country to share intelligence information to protect critical infrastructure. The work includes collaborating with both private and public organizations.

Citing this "long tradition in our country of creating problem-solving partnerships between government and our research and development enterprise," Napolitano described some of the challenges the DHS hopes experts in a variety of fields will help it solve.

One key security challenge the DHS faces is what she called the "big data" problem. Being the linchpin for national security, the department receives data from a number of agencies -- such as the Federal Aviation Administration, the Transportation Safety Administration, the FBI, and the CIA -- about possible threats, both cyber and otherwise, and must disseminate that information quickly and efficiently to come up with a plan of action.

Napolitano said that the agency is always looking for better ways to extract meaningful information from "billions" of data points, and is seeking input on how to do that from experts across different fields.

"We therefore cannot overstate the need for software engineers and information systems designers. We need communications and data security experts," she said. "And we need this kind of talent working together to find new and faster ways to identify and separate relevant data."

Napolitano also mentioned the recent earthquake and subsequent tsunami in Japan to launch a discussion about how the DHS can improve emergency response in case of a similar disaster in the United States.

She said that FEMA Administrator Craig Fugate is exploring ways to use social media to achieve several crucial tasks during a disaster, such as reaching people during an emergency, locating necessary supplies, and moving them to the people and places that need them most. The federal government used the Web, including Twitter feeds, to share information with people who might be in need of help as part of its response to the recent disaster.

Napolitano also said that the DHS will seek help from scientists and engineers to create more resilient building materials that can withstand major earthquakes by engaging in nanotechnology research and getting that technology into widespread commercial use. Technology to detect nuclear radiation and to improve healthcare response to pandemics also is of interest to the department, she added.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2363
Published: 2014-07-26
Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes it easier for remote attackers to obtain access via a login request.

CVE-2014-2625
Published: 2014-07-26
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023.

CVE-2014-2626
Published: 2014-07-26
Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.

CVE-2014-2966
Published: 2014-07-26
The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demonstrated by bypassing an XSS protection mechanism.

CVE-2014-3071
Published: 2014-07-26
Cross-site scripting (XSS) vulnerability in the Data Quality Console in IBM InfoSphere Information Server 11.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL for adding a project connection.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.