A White House cybersecurity research strategy released earlier this month lays out several areas where the federal government should invest research and development funding as a way to deter cyberattacks.
The strategy, called the “Federal Cybersecurity Research and Development Strategic Plan” and released Dec. 10 by the White House Office of Science and Technology Policy, breaks down federal network defense into four areas: deter, protect, detect, respond.
White House officials wrote that federal networks need to be secured in a way that proves difficult enough for intrusion that an adversary gives up.
“Deterrence, in the broad sense used by this plan, requires increasing the level of effort that adversaries must apply to achieve their objectives and increasing the possible negative consequences for them from their actions,” the document read.
But the plan also lays out exactly what technological capabilities federal departments lack to dissuade attackers from intruding networks. It also describes the technology the government needs to reach specific cybersecurity levels and how to invest in research and development dollars.
The White House office also wants to improve models that consider the threats federal agencies face and that assesses adversaries’ capabilities. These models also would aim to increase the understanding of the hackers on the other side of the computer.
In addition, future investments need to include models of adversaries’ susceptibility to deterrence actions, such as legal action. To mitigate insider threats, White House OSTP wants to design systems that can identify harmful users in “real time.”
The strategy also calls for increased research into tools that can help law enforcement investigation and collect evidence to prosecute malicious cyber actors. This has become an important aspect of cybersecurity as federal departments, such as the Departments of Justice and Treasury, have become more aggressive in recent years in indicting and sanctioning bad cyber actors. But as hackers increase their capabilities, attribution to a specific group also becomes more difficult. As a result, the White House research and development strategy also calls for studying more effective and timely attribution.
“To meet these challenges, new technologies are needed to measure and verify the ability of an enterprise to thwart adversary efforts and to ensure that law enforcement, government agencies, and system and network owners can successfully attribute malicious activities to their sources,” the document reads.
The plan encourages agencies to increase funding in “multidisciplinary” research, but also pushes agencies to avoid funding near-term research and development and instead to focus on longer term projects.
Specifically, the document points to artificial intelligence as a strategic focus for federal research because it can automate routine cybersecurity tasks and allow staffers to work on higher level problems. At the same time, AI also can be used by malicious actors to probe networks, a capability that the OSTP officials said deserves “serious attention.”
“AI has significant potential impacts on national economy and security; it is thus essential to guard AI technologies from unintended uses and hostile exploitations by leveraging cybersecurity practices,” the White House officials wrote.
The top science and tech office also wants the federal government to conduct several psychological studies to identify different psychological, sociological and economic factors that can influence the decisions of attackers.
“Comprehensive cybersecurity requires understanding the human facets of cyber threats and secure cyber systems, and development of an informed and skilled cybersecurity workforce and general public,” the document read.