DHS, NIST, Financial Services Group Form Security Research Partnership

As the finger-pointing and name-calling surrounding the WikiLeaks issue continue in Washington, the White House this week facilitated a cooperative agreement among several key public and private organizations designed to spur joint information security research projects.

As the finger-pointing and name-calling surrounding the WikiLeaks issue continue in Washington, the White House this week facilitated a cooperative agreement among several key public and private organizations designed to spur joint information security research projects.

On Tuesday, the Obama administration’s top computer security official, Howard A. Schmidt, and Aneesh Chopra, the country’s CTO, announced that the Department of Homeland Security, NIST and the Financial Services Sector Coordinating Council had signed a memorandum of understanding that describes a framework under which the three groups can cooperate on security research and development projects. The MOU, which lasts for five years, does not provide any funding for the research projects, but instead lays out the terms under which the organizations can work together.

The agreement specifically calls for:

  • Coordinating the design, delivery and deployment of innovative cybersecurity technology and processes.
  • Sharing ideas and concepts for better cybersecurity, including improved effectiveness and enhanced efficiency.

Perhaps most significantly, NIST, the DHS Science and Technology Directorate and the FSSCC will work together on developing network test beds for research and development. This shared infrastructure will enable the organizations to perform live tests of emerging technologies.

“This agreement will accelerate the deployment of network testbeds for
specific use cases that strengthen the resiliency, security, integrity,
and usability of financial services and other critical infrastructures’
functions, processes, and people by:

  1.  
    Facilitating coordination and cooperation among Federal agencies and
    the financial services sector in the development and delivery of
    innovative cybersecurity technologies and processes; and

  2.  
    Establishing clear processes for the implementation of specific use cases.

The strengths of this partnership lie in the unique capabilities of its members,” Schmidt and Chopra said in a blog post announcing the MOU.

The FSSCC is an industry group that works to aid banks and other financial services institutions in both physical and information security. Partnerships between government agencies and private industry on security research and development and information sharing have been legion in the years since 9/11, but the results have been decidedly mixed. Many in private industry have said that the information sharing efforts have been a one-way street, with no data coming back from Washington on threats and new technologies to address them.

Suggested articles