A Defense Technology Blog
See All Posts
  • Northrop Grumman, Academics Form Cybersecurity Team
    Posted by Bill Sweetman 12:00 PM on Dec 02, 2009

    Northrop Grumman is enlisting academia to bring new ideas and agility to the hard-to-define, fast-moving world of cybersecurity, and to develop new ideas to defeat cyber-threats aimed at its government customers. Tuesday morning, the company announced the formation of the Cybersecurity Research Consortium (CRC) under which it will provide several million dollars annually to run research labs at Purdue, Carnegie Mellon and MIT.

    Northrop Grumman's motives are to tap talents outside the company - "It's usually true," observes Robert Brammer, chief technology officer for information systems at Northrop Grumman, "that most of the smart people in the world do not work for you" - and to accelerate the pace of cybersecurity work in a collaborative, academic environment. Another goal is to foster the education and training of cybersecurity experts.

    One of the academic leaders at Tuesday's unveiling was Dr Gene Spafford, executive director of Purdue's Center for Education and Research in Information Assurance and Security (CERIAS). I'd last spoken to Spafford eight years ago, when I was running an ill-timed e-business supplement for another publication (it emerged just as the first dotcom bubble burst).  What has changed today is that the threat is getting more severe, he says: "There is a growing threat to public safety, and Northrop Grumman is one of the few big institutions that understands that."

    Critical infrastructure protection is one of the primary targets of the CRC, according to Brammer. (As Spafford puts it, "you could get a call telling you to pay $10 million into an account in the Caymans, or the Pacific Northwest loses power for three days.")  Health care and financial systems could also be attacked, and their vulnerability increases as more systems are linked via public networks.

    Another company goal is to develop and sell "cyber-ranges" which can simulate the effects of an attack and defensive strategies on a large network.

    The different institutions outlined different areas where they are working. MIT, for instance, is working on architecture for a hacker-resistant computer, because although networks themselves are not perfect, the computer is the first avenue of attack. The idea is to equip the computer with a parallel, independent processor chain that will constantly monitor metadata - that is, the data about the data, such as who originated it, when, and to whom it belongs.

    Carnegie Mellon's CyLab has a focus on security for mobile devices, and one of the focal points of Spafford's CERIAS is the trend towards "cloud computing" - but, he adds, "maybe cloud computing is the answer to a question, but that question does not include security."

    Tags: ar99, cyberwarfare, Northrop Grumman

  • Recommend
  • Report Abuse

Comments on Blog Post