Friday, 11 September 2015

LANL, private firm partner on cybersecurity

SANTA FE – Los Alamos National Laboratory has formed a partnership with multinational professional services firm Ernst & Young LLP to bring an advanced cybersecurity tool to the commercial market.

Both have announced that LANL is licensing its PathScan technology to Ernst & Young for use in the private sector. The partnership was aided by the Department of Homeland Security’s Transition to Practice program, which helps bring technology developed in national labs to commercialization.

“We think this is a really big deal,” said Duncan McBranch, chief technology officer at LANL. “This is the kind of partnership that can have an impact across the economy. We’re quite hopeful that we can move the needle against hackers.”

PathScan is a network anomaly detection tool that searches for deviations in normal communication patterns that might indicate an intruder. The technology, which has only been used in the government sector until now, is designed to detect an intruder before major damage can be done, giving defense teams a chance to protect sensitive information.

The LANL technolgy is the fourth released to the private market by Homeland Security under the Transition to Practice program, established in 2012. TTP manager Mike Pozmantier said innovative technologies are needed to counter sophisticated cyberattacks and level the playing field “between the offense and the defense.”

McBranch said Ernst & Young was chosen because the company had the best proposal and is in business with several big corporations. “You really want an expert to go along with software,” McBranch said. “EY was already in a large number of Fortune 200 companies. They had the expertise.”

McBranch said LANL gets a royalty for the technology, and one-third of that royalty is given to the inventor. He wouldn’t share the royalty amounts, saying it’s proprietary. But he says the lab was never after money.

“We do get royalties, but our primary motivation is to put out a tool to use when companies are under threat of criminal activity,” McBranch said. “This is a public partnership that is about defending networks. We’re defending against a common enemy. We’re trying to empower industry.”

This partnership is the latest in a national fight against computer hackers, which has become a threat to both national security and private business, as seen in successful attacks that obtained personnel files of millions of federal government workers and the credit card information of customers of major retailers such as Target.

New Mexico Institute of Mining and Technology is playing a role also. The university was recently awarded a $1.6 million grant for students to train in cybersecurity.

“The technology we developed is focused on a threat that is quite real, no matter how good your defenses are,” said Mike Fisk, chief information officer at LANL. “I think it’s quite relevant today.”

According to Jed Crandall, an associate professor of computer science at the University of New Mexico who specializes in cybersecurity and Internet censorship, computer systems are prone to hacks because computers themselves are fundamentally flawed.

“The reason vulnerabilities exist is because you can make a computer do things that it wasn’t designed to do,” Crandall said. “It’s a fundamental problem.”

Not everyone is optimistic about the LANL/Ernst & Young arrangement. In a recent Bloomberg news report, Frank Dickson, a research director for information and network security for consulting company Frost & Sullivan, said, “The premise is based on the idea that the government is somehow better at doing cybersecurity than the private sector. I think that’s a flawed concept.”

But McBranch hopes PathScan is the next step in turning the tide against computer hackers, but that will only be seen when it is finally rolled out to the public.

“The problem here is that we’re trying to project into the future,” McBranch said. “Only time will tell if it is as transformational as we hope.”

View the original content and more from this author here: http://ift.tt/1JZPiy6



from cyber security caucus http://ift.tt/1Nt5aPN
via IFTTT

No comments:

Post a Comment