Dr. Reginald Brothers

US Deputy Assistant Secretary of Defense for Research

Cyber Security Research and Development in the US Department of Defense

December 12, 2013—The CyberWire interviewed Dr. Reginald Brothers, who's served since December 6, 2011 as US Deputy Assistant Secretary of Defense for Research. Dr. Brothers is responsible for policy and oversight of Department of Defense (DoD) Science and Technology (S&T) programs from Basic Research through Advanced Technology Development. He also oversees the Department's laboratories and provides long-term strategic direction of Defense S&T programs. We heard from Dr. Brothers after he spoke at last week's SINET Showcase.

The CyberWire: You were able to outline Defense research priorities at SINET last week. Would you explain the place of cyber security research in those priorities?

Brothers: In April of 2011, Defense Secretary Gates issued a memo identifying seven science and technology (S&T) priority areas for the Department of Defense (DoD). Cyber S&T is one of the seven priorities and will remain a priority for FY 2014-2018. DoD is looking to advance science and technology for efficient and effective cyber capabilities across the spectrum of joint operations. Although it's a man-made domain, cyberspace is now recognized as a potential domain of warfare and is just as relevant as the domains of land, sea, air, and space for DoD activities. Cyber security research is an essential element in defending the nation, because information technology provides the infrastructure that connects, enhances, and enables all other DoD capabilities in land, sea, air, and space domains. DoD Cyber S&T also contributes to the Presidential Directives on Defending the Nation and Critical Infrastructure Security and Resilience.

The CyberWire: Which Defense agencies are most heavily invested in cyber? Which ones would you recommend the CyberWire's readers get to know?

Brothers: Cyber investments are being made by several Service laboratories, NSA, and DARPA. DARPA has the largest investments in cyber for DoD. Here are the Defense agencies conducting cyber research; CyberWire readers should recognize them:

  • Air Force Research Lab (AFRL)
  • Air Force Office of Scientific Research (AFOSR)
  • Army Research Lab (ARL)
  • Army Research Office (ARO)
  • Army Communication-Electronics Research, Development and Engineering Center (CERDEC)
  • Defense Advanced Research Projects Agency (DARPA)
  • National Security Agency (NSA)
  • Office Naval Research (ONR)
  • Naval Research Laboratory (NRL)

All of these organizations have independent efforts, as well as cross-agency initiatives to fund the cyber S&T. Each organization has external Broad Agency Announcements (BAAs) to solicit ideas and proposals for research.

The CyberWire: And we've provided links to those BAAs at the end of this interview. To continue, how would you characterize Defense investment in cyber across the research and development budget categories (6.1, 6.2, 6.3, etc.)?

Brothers: Defense investments in cyber take technologies from Basic Research (6.1) through maturation for installation to military platforms and systems. The largest portion of investment is in Applied Technology Development (6.2) to solidify the research and tailor it to address DoD's specific needs. Advanced Component and Prototypes (6.3) investments mature the technology to a state that it can be demonstrated and tested for fielding. DoD identified the foundational S&T thrusts of Resiliency, Agility, Mission Assurance, and Foundations of Trust in the DoD Strategic Cyber priorities described at SINET, and has made focused investment in those areas across the research and development budget categories. We constantly reevaluate the ever-evolving cyber threats and at times shift our focus. In recent years, focus has shifted towards security of embedded systems, cyber modeling & simulation, cyber experimentation, and automated software analysis tools. Recent work has also pointed to the need for maturing a Science of Cyber Security, including metrics by which cyber improvement can be measured.

The CyberWire: Can you speak to a role for international cooperation in cyber research?

Brothers: International cooperation is of the utmost importance in defending the nation—particularly in cyberspace, because of the emphasis on coalition operations and common threats. We work with our allies through The Technical Cooperation program (TTCP), which includes Australia, Canada, New Zealand, and the United Kingdom, and we work with the NATO Research and Technology Organization. International cooperation was specifically highlighted in the Defense Strategy for Operation in Cyberspace (DSOC), citing a need to develop collective self-defense and increase collective deterrence. The DoD has also established numerous bilateral information exchange agreements for Cyber Security.

The CyberWire: Can you tell us anything about DIA's recently launched "Needipedia"? How do you think it will affect cyber companies?

Brothers: DIA's Needipedia is a frequently updated website that allows DIA to publicize capability needs to a large community of innovators. Needipedia allows individuals, companies, and academic institutions to submit proposals through an open Broad Agency Announcement (BAA). This method will significantly speed up the acquisition process. We believe it will be especially beneficial to Cyber Defense given the rapid changes of the threats. Needipedia should encourage non-traditional government collaborators to participate by lowering the barriers to entry.

The CyberWire: Is there anything else you'd like to share with the CyberWire's readers?

Brothers: We're developing a Cyber S&T Capabilities Framework to support new and emerging mission requirements, including improved situation awareness and course of action analysis. We are also emphasizing the importance of broadening the research application beyond standard computing systems to tactical and embedded systems.

Another thing I'd like to touch on is the work being done through our Small Business Innovation Research Program (SBIR). The SBIR program encourages small businesses to engage in Federal Research and Development to meet military needs. It was established under the Small Business Development Act of 1982 with the purpose of strengthening the role of small business concerns in federally funded R&D. Since 2006 our office has funded over 170 Cyber R&D phase I and II projects through the SBIR Program. You'll find more information on the SBIR Program at SBIR.GOV and DODSBIR.NET.

And of course, all Solicitations are announced through FedBizOpps.Gov.

The CyberWire: Thank you, Dr. Brothers.

Links for Broad Agency Announcements