Adoption of Cybersecurity Technology

This is an invitation only event.

About the ACT 2016 Workshop

SCORE LogoThe Adoption of Cybersecurity Technology Workshop is sponsored by the Special Cyber Operations Research and Engineering (SCORE) Subcommittee.  SCORE increases awareness and insight, across the US Government, into classified and unclassified cyber-related research and development to develop new ways of operating and doing business.

As a community, researchers and developers have produced many effective cybersecurity technology solutions that are not implemented for a variety of reasons. Many cybersecurity professionals believe that 80% of the current problems in cyberspace have known solutions that have not been implemented.

Participants in the workshop will identify systemic issues that are preventing adoption of such solutions and suggest how we can change business practices to enable these cybersecurity technology practices to be adopted. After the workshop, participants will work with host organizations to pilot the solutions identified at the workshop.

In order to illuminate systemic barriers to adoption of security measures, the workshop will focus on mitigation techniques identified in NSA's Adversary Obstruction Methodology (see https://www.nsa.gov/ia/_files/factsheets/NSA_Methodology_for_Adversary_Obstruction.pdf). Participants will be committed to explore and develop action plans for four use cases that address each of the four fundamental cybersecurity goals:

* Device Integrity
* Damage Containment
* Defense of Accounts (Authentication and Credential Protection)
* Secure and Available Transport

The agenda will include briefings on a specific threat scenario, briefings on cohorts’ concerns to promote understanding among groups, facilitated sessions that address the use cases, and the development of action plans to be implemented via 90 day spins. Participants will take ownership of the solutions put forward during the workshop, and will brief the Adoption of Cybersecurity Technology Organizing Committee every 90 days on the status of their implementation.  The spin reports will address successes, challenges, and the specific steps taken to overcome roadblocks to the realization of the adoption of cybersecurity technologies by specific government entities.

The workshop will involve approximately 40 participants, primarily from government but also from academia and industry.  We are interested in receiving your input for candidate technologies to be included in the workshop.  If you have a technology that you are pursuing, we strongly urge you to submit ideas for consideration within the use case framework identified above when registering. 

Recent Activity

  • Use case leaders briefed the DoD Deputy Chief Information Officer for Cyber Security about the groups ongoing efforts on May 25, 2016.  The briefing slides can be found here:  Briefing to Richard Hale on 25 May
  • The location of Spin 2 has been changed to the NIST NCCoE Facility in Rockville, MD on September 7, 2016 tentatively from 8-3.  An agenda will be drafted and posted mid July.
  • Spin 3 location is TBD.  The goal of Spin 3 is to demo one of the use cases technology(ies).  Please contact the organizing committee if your team will be ready to demonstrate your technology by Spin 3's scheduled date of December 7th 2016 . 

 


Questions about the event can be addressed to ACT@cps-vo.org