Skip to Content

Federal Agencies Woo Security Researchers

Government representatives outline the current U.S. cybersecurity research and development goals.

Representatives of the National Science Foundation, the Department of Homeland Security, and the Office of the Director of National Intelligence came yesterday to the IEEE Symposium on Security and Privacy in Oakland, CA, to describe the federal government’s current wish list for cybersecurity research. The representatives described three main ways that the federal government is interested in spending its money on academic work.

First, they asked for “moving target” technologies. The idea here is that current systems favor attackers–the defender’s system remains the same and the attacker is able to hammer away at it until exploits are found. With moving targets, federal government agencies hope to shift this scenario to make it harder and more expensive for attackers to penetrate systems. The idea is that systems that are complex and easily changed by defenders make an attacker’s job more difficult. This runs against traditional security wisdom, which is that adding complexity opens up more room for vulnerabilities.

Second, the federal agencies asked for work on “tailored trustworthy spaces.” Here, they hope researchers can create islands within systems that meet particular security requirements and that are easy to put up and take down. The hope is that it would be possible to have a verifiably secure work environment that was fine-tuned to match the task the user is carrying out.

Finally, the representatives outlined the need for a better understanding of the economics of security. Currently, security is often an afterthought for software developers. When companies do invest in security, the results can be haphazard, scattershot, and hard to measure. The federal agencies are hoping to get a clearer picture of what types of investments would help defenders, and they are asking for solutions that might again shift the advantage away from attackers. Right now, it doesn’t cost an attacker much to go after a system, and cyber crime promises high rewards. The agencies hope to find ways to encourage improvements to overall security, and to discourage attackers.

Jeannette Wing, assistant director of the computer and information science and engineering directorate of the National Science Foundation, stressed that with all three of these agendas, the federal government is hoping to break away from the current security arms race and find new directions. Since the federal representatives spoke in front of some of the world’s top security researchers, it should be interesting to see how the concepts are received.

Keep Reading

Most Popular

still from Embodied Intelligence video
still from Embodied Intelligence video

These weird virtual creatures evolve their bodies to solve problems

They show how intelligence and body plans are closely linked—and could unlock AI for robots.

pig kidney transplant surgery
pig kidney transplant surgery

Surgeons have successfully tested a pig’s kidney in a human patient

The test, in a brain-dead patient, was very short but represents a milestone in the long quest to use animal organs in human transplants.

panpsychism concept
panpsychism concept

Is everything in the world a little bit conscious?

The idea that consciousness is widespread is attractive to many for intellectual and, perhaps, also emotional
reasons. But can it be tested? Surprisingly, perhaps it can.

We reviewed three at-home covid tests. The results were mixed.

Over-the-counter coronavirus tests are finally available in the US. Some are more accurate and easier to use than others.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.