While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
At the Department of Homeland Security’s Science and Technology (S&T) Directorate, the next big thing isn’t measured in years.
“We’re thinking about things 5 to 10 months out and how do we provide solutions to first responders [and] network operators in a much more rapid fashion,” said Doug Maughan, director of the Cyber Security Division within S&T. FedTech caught up with Maughan at the Cyber Security Division R&D Showcase and Technical Workshop in Washington, D.C., last week, where the directorate highlighted more than 60 technologies, tools and techniques developed to meet today’s requirements of the homeland security community. The Cyber Security Division is the only part of S&T that does cyber research.
Maughan explained that the directorate has a unique approach to funding and shepherding innovative technologies from the research stage to the commercial market. “We don’t typically fund basic research,” he said. “We start with applied research. We fund research, the development, testing and evaluation, things like pilots and deployments with customers. That’s not a normal process for other agencies. That’s where we believe we are doing things differently than others.”
The directorate’s leadership is focused on making S&T a game-changing research and development organization, said Maughan, who joined the directorate 11 years ago.
Since then, Maughan’s division has seen its budget grow from a modest $3 million to more than $70 million. Also during this time, his division has funded more than $250 million in research, resulting in nearly 40 projects transitioning from the research phase to commercial products. Shifting technology into an operational environment with a CIO or someone else is always difficult for the research community, Maughan said: “We call it the valley of death.”
S&T provides the funding and expertise to help researchers through the valley of death, so they have a better chance of seeing their technology commercialized and released in the marketplace, he added. Their strength is technology, not business, Maughan said of researchers. They don’t know how to find the door to a potential customer or to a venture capitalist.
One of the directorate’s most recent success stories involved a small company from Oak Park, Ill., that developed mobile device forensic capabilities. The company, called NowSecure, used $1.9 million in R&D funding from S&T to help create its suite of products.
“The funding provided by S&T was specifically focused on capabilities including a project which helps law enforcement analyze evidence from seized disposable cellphones and additional enhancements of the small-business tool mobile phone forensics suite,” according to the directorate.
The company raised another $12.5 million from private investors to continue developing its security platform for mobile devices.
Venture capitalists assess three things before they invest: the technology, the team and the opportunity for commercialization, Maughan said. “That’s the way they work, and that’s the way we work.”
He pointed out: “We’re not in the same space with Microsoft and Symantec and McAfee." McAfee actually bought a small business that DHS had funded in the past.“A lot of things haven’t been built with security; if we can take them and add security and make a more viable product in the market, that is a viable product for us.”
S&T has brought in more than $6 million in international funding to advance cyber R&D and commercialize mature technology, Maughan said. The expectation is that foreign governments will help fund some of these projects. Australia, Canada, Sweden, the Netherlands and United Kingdom have all provided funding.
“Cyber is a global sport, and we all have to work together to make solutions that will help us all,” Maughan said.