Homeland Open Security Technology

Establishment: 2011
Sponsor: Department of Homeland Security's Science and Technology Directorate
Primary contractor: Georgia Tech Research Institute
Other contractors: Center for Agile Technology, Open Source Software Institute, Open Information Security Foundation
Website: www.cyber.st.dhs.gov/host/

Homeland Open Security Technology (HOST) is a five-year, $10 million program by the Department of Homeland Security's Science and Technology Directorate to promote the creation and use of open security and open-source software in the United States government and military, especially in areas pertaining to computer security. [1] [2] [3] [4]

Proponent David A. Wheeler claims that open-source security could also extend to hardware and written documents. [5] [6] In October 2011, the project won the Open Source for America 2011 Government Deployment Open Source Award. [7]

Participants

The project is contracted to the Open Technology Research Consortium, which consists of the Georgia Tech Research Institute (primary), the Center for Agile Technology at the University of Texas at Austin, the Open Source Software Institute, and the Open Information Security Foundation. [8] [9] [10] The project has contributed funding towards the OpenSSL Software Foundation and the Open Information Security Foundation. [11] [12]

Events

In October 2012, HOST hosted the Open Cybersecurity Summit in Washington, D.C.; it was a one-day summit with a keynote by Stewart A. Baker, former Assistant Secretary for Policy of the Department of Homeland Security. [13] [14] [15]

Investments

Related Research Articles

OpenSSL: Open-source implementation of the SSL and TLS protocols

OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping, and identify the party at the other end. It is widely used by Internet servers, including the majority of HTTPS websites.

The Federal Information Processing Standard Publication 140-2 is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules. Initial publication was on May 25, 2001, and was last updated December 3, 2002.

Suricata (software): Open-source intrusion detection system

Suricata is an open-source based intrusion detection system (IDS) and intrusion prevention system (IPS). It was developed by the Open Information Security Foundation (OISF). A beta version was released in December 2009, with the first standard release following in July 2010.

National Cyber Security Division

The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. Formed from the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the Federal Computer Incident Response Center, and the National Communications System, NCSD opened on June 6, 2003. The NCSD mission is to collaborate with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures. NCSD also provides cyber threat and vulnerability analysis, early warning, and incident response assistance for public and private sector constituents. NCSD carries out the majority of DHS’ responsibilities under the Comprehensive National Cybersecurity Initiative. The FY 2011 budget request for NCSD is $378.744 million and includes 342 federal positions. The current director of the NCSD is John Streufert, former chief information security officer (CISO) for the United States Department of State, who assumed the position in January 2012.

Golisano College of Computing and Information Sciences: Computing school at Rochester Institute of Technology

The B. Thomas Golisano College of Computing and Information Sciences is one of the largest colleges at the Rochester Institute of Technology (RIT), and is home to the institute's computing education and research facilities. Golisano College is home to RIT's computer science, cybersecurity, information sciences and technologies, and software engineering departments, as well as the Ph.D. program in computing and information sciences, and the School of Interactive Games & Media, home to the college's game design and development and interactive development programs. Golisano College is housed in a 125,000 square foot facility, opened in 2003 on RIT's campus in Rochester, New York.

Information security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.

A cybersecurity regulation comprises directives that safeguard information technology and computer systems with the purpose of forcing companies and organizations to protect their systems and information from cyberattacks like viruses, worms, Trojan horses, phishing, denial of service (DOS) attacks, unauthorized access and control system attacks. While cybersecurity regulations aim to minimize cyber risks and enhance protection, the uncertainty arising from frequent changes or new regulations can significantly impact organizational response strategies.

The Georgia Tech Research Institute (GTRI) is the nonprofit applied research arm of the Georgia Institute of Technology in Atlanta, Georgia, United States. GTRI employs around 3,000 people, and was involved in nearly $1 billion in research in 2023 for more than 200 clients in industry and government.

Jeff Moss (hacker): American computer security expert (born 1975)

Jeff Moss, also known as Dark Tangent, is an American hacker, computer and internet security expert who founded the Black Hat and DEF CON computer security conferences.

DHS Science and Technology Directorate: U.S. Dept. of Homeland Security Research and Development units

The Science and Technology Directorate (S&T) is a component within the United States Department of Homeland Security. DHS-S&T serves as the research and development arm of the Department as it fulfills its national security mission.

The Open Source Software Institute (OSSI) is a U.S.-based 501(c)(6), non-profit organization whose mission is to promote the development and implementation of open-source software solutions within US Federal, state and municipal government agencies.

The Cybersecurity, Information Protection, and Hardware Evaluation Research Laboratory (CIPHER) is one of eight labs in the Georgia Tech Research Institute. It was created on October 1, 2010 and focuses on cyber security. Along with the GTRI Information and Communications Laboratory, it is part of the Information and Cyber Sciences directorate. GTRI CIPHER is known for its commitment to Open Source Software. It will feature existing business areas such as secure information systems and resilient command and control with emerging areas such as cyberwarfare. The laboratory will additionally be a part of the Georgia Tech Information Security Center.

Dmitri Alperovitch: American computer security industry executive (born 1980)

Dmitri Alperovitch is an American think-tank founder, author, philanthropist, podcast host and former computer security industry executive. He is the chairman of Silverado Policy Accelerator, a geopolitics think-tank in Washington, D.C., and a co-founder and former chief technology officer of CrowdStrike. Alperovitch is a naturalized U.S. citizen born in Russia who came to the United States in 1994 with his family.

DHS Cyber Security Division

The Cyber Security Division (CSD) is a division of the Science and Technology Directorate (S&T Directorate) of the United States Department of Homeland Security (DHS). Within the Homeland Security Advanced Research Projects Agency, CSD develops technologies to enhance the security and resilience of the United States' critical information infrastructure from acts of terrorism. S&T supports DHS component operational and critical infrastructure protections, including the finance, energy, and public utility sectors, as well as the first responder community.

National Cybersecurity and Critical Infrastructure Protection Act of 2013

The National Cybersecurity and Critical Infrastructure Protection Act of 2013 is a bill that would amend the Homeland Security Act of 2002 to require the Secretary of the Department of Homeland Security (DHS) to conduct cybersecurity activities on behalf of the federal government and would codify the role of DHS in preventing and responding to cybersecurity incidents involving the Information Technology (IT) systems of federal civilian agencies and critical infrastructure in the United States.

Cybersecurity Information Sharing Act

The Cybersecurity Information Sharing Act is a United States federal law designed to "improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes". The law allows the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies. The bill was introduced in the U.S. Senate on July 10, 2014, and passed in the Senate on October 27, 2015. Opponents question CISA's value, believing it will move responsibility from private businesses to the government, thereby increasing vulnerability of personal private information, as well as dispersing personal private information across seven government agencies, including the NSA and local police.

The National Cybersecurity and Communications Integration Center (NCCIC) is part of the Cybersecurity Division of the Cybersecurity and Infrastructure Security Agency, an agency of the U.S. Department of Homeland Security. It acts to coordinate various aspects of the U.S. federal government's cybersecurity and cyberattack mitigation efforts through cooperation with civilian agencies, infrastructure operators, state and local governments, and international partners.

Phyllis Schneck is an American executive and cybersecurity professional. As of May 2017, she became the managing director at Promontory Financial Group. Schneck served in the Obama administration as Deputy Under Secretary for Cybersecurity and Communications for the National Protection and Programs Directorate (NPPD), at the Department of Homeland Security.

Open Source Security Foundation: Industry forum on software security

The Open Source Security Foundation (OpenSSF) is a cross-industry forum for collaborative improvement of open-source software security. Part of the Linux Foundation, the OpenSSF works on various technical and educational initiatives to improve the security of the open-source software ecosystem.

The School of Cybersecurity and Privacy (SCP) is an academic unit located within the College of Computing at the Georgia Institute of Technology. This interdisciplinary unit draws its faculty from the College of Computing as well as the College of Engineering, the School of Public Policy, the Sam Nunn School of International Affairs, the Scheller College of Business, and the Georgia Tech Research Institute (GTRI). Faculty are engaged in both research and teaching activities related to computer security and privacy at the undergraduate and graduate levels. The school's unifying vision is to keep "cyberspace safer and more secure."

References

  1. "Georgia Tech Research Institute Will Lead $10 Million Department of Homeland Security Open Cyber Security Initiative". Georgia Tech Research Institute. Retrieved 2011-10-14.
  2. "DHS, Georgia Tech seek to improve security with open-source tools". Government Computer News. 2011-07-01. Retrieved 2011-10-14.
  3. "Georgia Tech Research Institute Leads $10 M Open Source Initiative". Georgia Institute of Technology. 2011-05-17. Retrieved 2011-10-14.
  4. Hsu, Jeremy (2011-05-26). "U.S. Considers Open-Source Software for Cybersecurity". NBC News. Retrieved 2011-10-14. [dead link]
  5. Perera, David (2013-08-29). "Open security isn't just software, say government open source advocates". FierceGovernmentIT. Retrieved 2013-09-07.
  6. Wheeler, David A (2013-08-21). "What is open security?" (PDF). Institute for Defense Analyses. Open Security. Retrieved 2013-09-07. [permanent dead link]
  7. Rockwell, Mark (2011-10-18). "DHS technology directorate wins awards for cyber security efforts". Government Security News. Retrieved 2011-10-24.
  8. Maddux, Rachael (2011-11-07). "Digital Warrior". Georgia Tech Alumni Magazine. Georgia Tech Alumni Association. Archived from the original on 2012-05-14. Retrieved 2011-11-11.
  9. "Homeland Open Security Technology (HOST)". DHS Cyber Security R&D Center. Retrieved 2011-10-14.
  10. Duffy, Jill (2011-05-18). "Georgia Tech to Lead $10M Open-Source Homeland Security Initiative". PC Magazine. Retrieved 2011-10-24.
  11. "Customers". OpenSSL Software Foundation. Retrieved 2011-10-24.
  12. "Consortium Members". Open Information Security Foundation. Retrieved 2011-10-24.
  13. Garrick, Joshua (2012-10-26). "GTRI hosts national cybersecurity summit". The Technique. Retrieved 2012-10-26.
  14. "GTRI and HOST create first Open Cybersecurity Summit in D.C." Georgia Institute of Technology. Archived from the original on 2012-12-12. Retrieved 2012-11-18.
  15. "Open Cybersecurity Summit 2012". SignUp4. Retrieved 2012-11-18.
  16. "Suricata Downloads". Open Security Information Foundation. Retrieved 2011-11-08.
  17. "OpenSSL and FIPS 140-2 Validation Status". OpenSSL. Retrieved 2011-11-08.