DHS seeks FY09 funding for an array of projects tied to cyber security and the National Strategy to Secure Cyberspace. Many of them are concerned with simply assessing the threat. Some are focused on shoring up obvious vulnerabilities. And whole lot of them are just plain classified. We’ll highlight a few here that are drawn from the Administration’s 3,754-page justification of their FY 2009 budget request recently submitted to the Congress.
The Information Infrastructure Security (IIS) Program is designed to identify new technologies to protect critical infrastructure. The IIS program, under DHS S&T, works with industry, government, and academia to secure the core functions of the Internet. This has both civilian and government benefits because the program is focused on functions used by everyone from a shopper on eBay to a network specialist at DHS. The IIS program uses economic assessment, risk analysis, and modeling to evaluate cyber security technologies through such projects as Secure Protocols, Process Control Systems, and Cyber Security Assessment.
In FY 2008, the S&T Directorate will award a contract for the Cyber Infrastructure and Emerging Threats Project. This uses a â€œdistributed scenario-based exerciseâ€ to help the private sector â€“ primary owner of critical infrastructure â€“ respond to and manage cyber disruptions. This one has an impressive acronym, too: The Distributed Environment for Critical Infrastructure Decision-Making Exercises (DECIDE) project.
But to really understand just what it is weâ€™re trying to protect, DHS is starting the Internet Route Monitoring Project. This project will identify critical internet infrastructure, mapping important internet hosts and routers by FY 2010. The maps to be developed under the Project are intended to help identify cyber threats and predict the cascading impacts of various scenarios.