EAGER: Cybersecurity Transition To Practice (TTP) Acceleration

EAGER：网络安全过渡到实践 (TTP) 加速

• 批准号: 1650445
• 负责人: Ana Hunsinger
• 金额: $ 20.2万
• 依托单位: INTERNET2
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-08-15 至 2018-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1650445&HistoricalAwards=false
• 关键词: EAGER; Cybersecurity; Transition; Practice; TTP

The 2011 Federal Cybersecurity Research and Development Plan cites "Accelerating Transition to Practice (TTP)" as one of five strategic objectives in the Cyber Security and Information Assurance (CSIA) Program Component Area. TTP remains a strategic objective of Agencies which fund cybersecurity research, including NSF. However, the NSF cybersecurity portfolio contains only a small amount of security research that has been transitioned into operational activities. The Office of Science and Technology Policy (OSTP) of the White House defines transition to practice as research that "creates measurable improvements in the cybersecurity landscape". NSF encourages security researchers with promising applied research projects to submit TTP (Transition to Practice) projects, and while some researchers take advantage of this opportunity, others lack information about how to identify an early adopter for their technology. Early adoption is a crucial step for gaining valuable feedback about the usefulness and effectiveness of a security technology. This EAGER will serve as an outreach vehicle to cybersecurity technology adopters such as scientific cyberinfrastructure operators and Chief Information Officers (CIOs) at university campuses, informing them of the benefits of adopting cutting edge cybersecurity capabilities into their organizations and matching them up with security researchers looking for partnership opportunities. In 2015, NSF sponsored two workshops which brought together key stakeholders to provide insights on how to improve the TTP process and encourage more TTP adoption, therefore improving cybersecurity for scientific cyberinfrastructure. An important outcome of that workshop was the identification of specific barriers to TTP. This follow-on project identifies specific ways in which NSF can overcome these barriers as they consider how to address TTP for the future. The project establishes workshops for early adopters to learn about specific cybersecurity projects that need adopters, and provides opportunities to engage with the NSF-funded cybersecurity community to foster more transition of cybersecurity research into the hands of the operational Information Technology Community. The expected outcome is that NSF expands the impact of the cybersecurity research it funds by producing more TTP results in the near to mid-term in order to make cyberspace safer.

2011年联邦网络安全研究和发展计划将“加速向实践过渡(TTP)”列为网络安全和信息保障(CSIA)计划组成部分领域的五个战略目标之一。TTP仍然是包括NSF在内的为网络安全研究提供资金的机构的战略目标。然而，NSF的网络安全组合只包含少量已转变为业务活动的安全研究。白宫科技政策办公室(OSTP)将向实践过渡定义为“在网络安全格局中创造可衡量的改善”的研究。NSF鼓励有前景的应用研究项目的安全研究人员提交TTP(过渡到实践)项目，虽然一些研究人员利用了这个机会，但其他研究人员缺乏如何为他们的技术确定早期采用者的信息。及早采用是获得有关安全技术的有用性和有效性的宝贵反馈的关键一步。这一渴望将作为网络安全技术采用者的外展工具，例如大学校园的科学网络基础设施运营商和首席信息官(CIO)，告知他们在其组织中采用尖端网络安全能力的好处，并将他们与寻找合作机会的安全研究人员相匹配。2015年，NSF赞助了两个研讨会，将关键利益攸关方聚集在一起，就如何改进TTP进程并鼓励更多人采用TTP提供见解，从而改善科学网络基础设施的网络安全。该讲习班的一个重要成果是查明了TTP的具体障碍。这个后续项目确定了NSF在考虑如何解决未来的TTP问题时克服这些障碍的具体方法。该项目为早期采用者设立了研讨会，以了解需要采用者的特定网络安全项目，并提供机会与国家科学基金会资助的网络安全界接触，以促进将网络安全研究更多地移交给运营信息技术界。预期的结果是，NSF通过在中短期内产生更多的TTP结果来扩大其资助的网络安全研究的影响，以使网络空间更加安全。