Doug Maughan took part in an online chat on Wednesday, Dec. 10. Read the free online chat where he discusses the cyber research and development programs DHS is supporting.
For the first time, the Homeland Security Department is showcasing its cybersecurity research and development to a much wider audience.
The Science and Technology Directorate’s goal is to move these cyber projects out of the lab and into the commercial marketplace.
Doug Maughan, the director of the cybersecurity division within DHS’ Science and Technology directorate, said the Dec. 16 cyber showcase in Washington will feature more than 50 projects funded by the agency that are primed for commercialization.
“We have spent millions of dollars over the last two-three-four years on these technologies and we are trying to use this as an opportunity to get people, investors, system integrators and other companies interested in these technologies and let them — what we consider to be fairly mature technologies — take the next step and help in the commercialization and get the technologies out to the global public,” Maughan said in an exclusive interview with Federal News Radio. “Most of our past events have been large program reviews with the only people in room being the government and performers. We’ve never invited the public before. We have been funding a lot of efforts over the last three or four years, and we’ve opened our opportunities up to the international community so we felt like we should do this in an open environment to show what’s available.”
DHS Science and Technology has a commercialization office, but Maughan said the cyber research and development showcase is different because of its focus on hardware and software IT security.
During the showcase 11 companies specifically chosen by S&T program managers will have 20 minutes to present their technologies to the audience.
Maughan said the speakers will demonstrate the technology, discuss its potential impact on securing computers or networks and the company’s commercialization strategy.
The showcase will highlight R&D projects and initiatives around topics that include modeling of Internet attacks, identity management, cyber forensics, software quality assurance, experimental research testbeds and more.
“We have a small business out of the Chicago area that’s been doing a lot of mobile forensics work for the law enforcement community. They will be doing not only a presentation, but some demonstrations of this technology and it has broader applicability than just law enforcement,” Maughan said. “We’ve also got a project that will talk about the joint work between us and the Department of Energy looking at next generation solutions for securing the power grid.”
He said another project with a lot of potential focuses on identity management for federal employee smart identification cards and mobile devices.
“We have some technology from the software world looking at new tools for software analysis,” Maughan said. “Many of the vulnerabilities lately have been software bugs so we are highlighting one of our best tools there.”
Another area of the showcase will focus on embedded technology and securing the technology in everything from automobiles to printers to common household products.
DHS S&T recently co-hosted an industry event with the Food and Drug Administration to take a deeper look at how best to secure medical devices.
Maughan said the FDA event was a good first step.
“We’ve now brought in the FDA folks and they are going to help us review proposals we’ve received in the area medical device security. It’s great to have their technical expertise as part of that review,” he said. “The second one is a discussion we’ve had with FDA in helping them form a consortium of the medical device manufacturers. We’ve done similar types of consortia with the oil and gas sector with the DoE, and are having some conversations with the auto manufacturers as well.”
Maughan said based on the October meeting, he believes a small percentage of medical device manufacturers fully grasp the importance of cybersecurity, while most are just getting their arms around what it means.
“There are a couple of showcase technologies that are in this area of cyber physical systems and the Internet of Things,” he said. “There’s a technology coming out of Columbia University that is looking at, ‘Yes my toaster could be taken over and used for malicious things, but so could my printer, so could my phone and so could other devices.’ They built a technology that will allow you to do essentially randomized types of technology inside those embedded devices. There are some really interesting things coming there.”