2021-2025 Strategic Technology Roadmap Overview - CISA

1y ago
12 Views
3 Downloads
1.18 MB
16 Pages
Last View : 1m ago
Last Download : 2m ago
Upload by : Evelyn Loftin
Transcription

FEB 2021CYBERSECURITY & INFRASTRUCTURE SECURITY ISA Strategic IntentiCISA Strategic Intent

Chief Technology OfficerCISA Colleagues and Partners,CISA continues to build on the opportunities to stand up a straightforward, repeatable, and transparent technologyinvestment strategy. Our annual Strategic Technology Roadmap (STR) provides evidence-based recommendationsto help you enable and influence future capabilities. I’m hopeful this Overview publication is useful and shows youwhere we are headed with STR Version 3 (STRv3). Over the next few pages, we’ll discuss technology capabilities indevelopment, desired future capabilities, and provide a forecast of the technologies CISA will look to invest in beyond2025. The STR focuses exclusively on future technology capabilities to address persistent risks imposed by availabletechnologies and future risks discovered from meta-analyses of hundreds of authoritative artifacts, and it is scoped forthat purpose.CISA’s mission is to lead the national effort in understanding and managing cyber and physical risk. Guiding CISAtechnology investment towards the right mix of technology capabilities to best serve this mission is an evolvingchallenge. The STR serves as an annual touchstone for this challenge by identifying the technologies receiving currentinvestments and revealing the opportunity areas for future growth.On an annual basis, the STR examines how CISA defends today and secures tomorrow. To understand how we defendtoday, the STR:1Provides well-researched, evidence-based input to critical decision points that affect future CISAtechnology capabilities;2Identifies capability demands based on rigorous assessment criteria and provides recommendationsregarding further use and development of technologies to meet the demands;3Applies methods to analyze selected, significant emerging standards to estimate potential risks;4Describes where capability demands identified in the previous STR are carried forward, whereapplicable, into this version;5Forecasts relevant capabilities based on formal research and development (R&D) pipelines; and6Speculates over the horizon technologies that could address specific cyber challenges.CISA Strategic Technology Roadmap Overviewi

STRv3 reveals to CISA and our partners the technology demand areas where increased investment through2025 would have the greatest net effect. It does this by comparing current and near-term CISA technologyinvestment with meta-analyses of research produced by CISA and our government and industry partners.STRv3 incorporates improved research and analysis methods to provide more accurate linkages and supportiverationale, from findings to recommendations, to form a guide for CISA technology investments.STRv3 identifies 20 demand areas, organized into three technology domains – Cybersecurity, Communications,and Critical Enablers. We identify actionable recommendations for each demand area.Looking to the future—the “securing tomorrow” element of our mission—we wrap up STRv3 with our projectionsof the capabilities CISA may have equities in developing beyond the 2025 horizon. Though some of thesecapabilities may currently exist in limited or isolated instances, they have the potential for wide adoption. CISAneeds to be ready to embrace their development and capture their value as the technology reaches maturity.We welcome collaboration efforts from our colleagues and partners on these exciting future possibilities.Brian GattoniCISA Chief Technology OfficerCISA Strategic Technology Roadmap Overviewii

TABLE OF CONTENTSMESSAGE FROM THE CHIEF TECHNOLOGY OFFICERiINTRODUCTION1TIMELINE AND FEEDBACK LOOP2CAPABILITY DEMANDS3CAPABILITY FORECASTS4TECHNOLOGY STANDARDS6TECHNOLOGY SPECULATION8CONCLUSION9CISA Strategic Technology Roadmap Overviewiii

INTRODUCTIONThis overview summarizes the purpose and conclusion of the larger, more detailed CISA STRpublication—a publication that is critical to informing senior leaders and harmonizing the CISAtechnology investment within the 2021 to 2025 timeframe. This document does not describe anyparticular CISA project and should not be seen as any kind of request for proposals or applications.The STR—created in alignment with key CISA strategic planning documents—guides CISAtechnology investment towards achieving the agency’s tailored capability goals of aligning andintegrating our technology; maximizing our effect on cyber and critical infrastructure risks; andproviding emergency communications. This overview provides high-level summaries of the STR’sfour sections:CAPABILITY DEMANDSIdentifies capability demands based on artifactssuch as security and vulnerability assessments.CISA identified these capability demands viaanalysis of hundreds of authoritative artifactsproduced by CISA; federal, state, local, tribal,and territorial (FSLTT) partners; academia; andprivate industry. It categorizes the capabilitydemands into 20 demand areas, organizedinto three technology domains, with actionablerecommendations. The actions are standardizedso that analysis will have consistent meaningin future STR reports. The standardized termsused across all capability demands are: ADOPT,DEMO (Demonstrate), INVEST, WATCH, DEFER,and DECIDE (decision to continue or stop).CAPABILITY FORECASTSAligns the capability demands to activeR&D projects. For STRv3, CISA identified 23relevant projects from DHS S&T, CISA NRMC,and DARPA based on specific criteria. Theseprojects intersect with all but 5 of the 20capability demand areas. These five gapsbetween capability demands and R&D projectsrepresent opportunities to address risksthrough engagements and consultations, and toadvance the state of the art through R&D.CISA Strategic Technology Roadmap OverviewTECHNOLOGY STANDARDSAnalyzes technology standards of significantinterest addressing cybersecurity, criticalinfrastructure, and emergency communications.Based on criteria, the STRv3 identified standardsrequiring heightened situational awarenessand participation to mitigate risk potential. As anew focus area for STR, we expect the analysismethod to greatly improve and the findings toincrease in value and outcome.TECHNOLOGY SPECULATIONLooks beyond the 5-year planning cycle at new andemerging technologies, technologies with potentialfor capturing significant market share or creatingnew markets, and technologies that presentexceptional risks. In STRv3, this section focuseson two broad technology areas, each composedof many independently evolving technologies:Cross-Platform Information Exchange Managementusing blockchain technology; and Detecting andCountering Deepfake Technology.1

TIMELINEANDINVESTMENTLOOPThe STR follows an annual publication cycle withdelivery planned for early December each yearand kick-off for the next version while the currentversion is in review. Throughout the year, the CISAChief Technology Officer (CTO) team builds the STRby analyzing and integrating hundreds of artifactssuch as CISA security and vulnerability assessmentsand gaps/requirements for portfolios of currentCISA acquisition programs. The team also seeksto discover new, peer-reviewed studies that help toimprove STR methods, analysis and findings, andrecommendations. annual operating plans (AOPs) of each CISAdivision; and proposals for R&D submissions and lab projectsThe output from strategic planning documents— aswell as budget allocation from the PPBE process—feedinto program plans, which provide input into futurereleases of the STR. This multi-faceted planningcycle increases the effectiveness of the technologyinvestments necessary to fulfill the CISA mission.To maximize STR utility, it aligns with CISA’s planning,programming, and budgeting execution (PPBE) cycle,providing input to CISA strategic planning activitiessuch as: program decision options (PDOs); the resource allocation plan (RAP), which detailsCISA’s program funding;CISA Strategic Technology Roadmap Overview2

CAPABILITYDEMANDSThrough analyzing hundreds of artifacts — from CISA, FSLTT, partners,and private industry—as well as ongoing research, CISA identified newcapability demands since publishing STRv2 and verified capabilitydemands to move forward from STRv2. Importantly, these combinedcapability demands are opportunities to build upon planned capabilitydeployments and enhancements (CD&Es) with new technologies and toenhance the existing CISA Mission Environment (CME).STRv3 categorizes the capability demands into 20 demand areas,organized into three technology domains derived from similarities amongthe capability demand areas. The 20 demand areas, organized intothree technology domains: Cybersecurity, Communications, and CriticalEnablers.DEMAND SCORESDOMAINCYBERSECURITY Deception TechnologiesICS PatchingML and Large-Scale AnalyticsML and SOARNetwork Systems SecurityNon-IP Based SCADA/ICS Protocol MonitoringSoftware Assurance and VulnerabilityManagement Vehicle Security Zero Trust Architecture (ZTA)COMMUNICATIONS Cellular SecurityComputer-Aided Dispatch InteroperabilityLMR to Cellular InteroperabilityMission Critical Voice on Cellular NetworkNext Generation Network Priority ServicesCRITICAL ENABLERS Authoritative Time SourceDigital TwinDistributed Enterprise Data ManagementEMP and GMD Disturbance MitigationsRisk Architecture and Advanced AnalyticsSingle, Cross-Program Release and ChangeManagement ToolCISA Strategic Technology Roadmap Overview 2 YRS2-3 YRSDeception TechnologiesADOPTICS PatchingINVESTDECIDEML and Large-ScaleAnalytics3-4 YRS4-5 YRS 5 YRS4-5 YRS 5 YRS 5 YRSINVESTDECIDEML and SOARDEMODECIDENetwork Systems SecurityDEMODECIDENon-IP Based SCADA/ICSProtocol MonitoringINVEST/DEMODECIDESoftware Assurance andVulnerability ManagementDEMODECIDEVehicle SecurityINVESTDECIDEZero-Trust Architecture (ZTA)INVESTDECIDE 2 YRS2-3 YRS3-4 YRSCellular SecurityINVESTDEMODECIDEComputer-AidedDispatch InteroperabilityINVESTDEMODECIDELMR to CellularInteroperabilityINVESTDECIDEMission Critical Voiceon Cellular NetworkINVESTDECIDENext Generation NetworkPriority ServicesINVESTDEMODECIDE 2 YRS2-3 YRS3-4 YRS4-5 YRSAuthoritative Time SourceWATCHWATCHDEMODECIDEDigital TwinINVESTDEMODECIDEDistributed EnterpriseData ManagementDEMODECIDEEMP and GMDDisturbance MitigationsADOPTRisk Architecture andAdvanced AnalyticsADOPTSingle, Cross-Program Releaseand Change Management ToolADOPT3

CAPABILITYFORECASTSCommercial industry offers a wide range of products toaddress capability demands; however, there are conditionswhere product evolution may stop or slow (e.g., encountersa development plateau), or may not be commerciallyviable (e.g., a low demand/high development cost). Wherecommercial industry has no known or available solutiondue to these conditions, the STR defines linkages betweencapability demands and active R&D projects. CISA ispartnered with DHS S&T for R&D projects to continuouslytrack, forecast, and adjust its understanding of futurecapability demands and discover disruptive technologiesthat advance the state of the art and counter current,emerging, and potential adversary capabilities and otherthreats to the critical infrastructure.Mitigation actions to address these gaps include thedefinition of new requirements for R&D projects anda review of existing engagements and consultations,particularly where a demand is outside of CISA’s directinfluence or control.STR identifies 12 DHS S&T R&D projects, 10 DARPA R&Dprojects, and 1 CISA NRMC project that support the 15 ofthe 20 capability demand areas.Implementing the JCE will necessitate coordinateddevelopment and implementation of new and existingcapabilities across CISA. Data management andanalytics are important technology underpinnings for theJCE upon which expected JCE outputs depend.It should be noted that Single, Cross-Program ChangeManagement Tool is a commodity technology, so it wouldnot be expected to have associated R&D projects—theexception to this understanding may be the increasinglycomplex nature of the .gov infrastructure as it migrateson and off premise into physical, virtual, and code-onlyinstances of devices.The Joint Collaborative Environment (JCE), asrecommended by the Cyberspace Solarium Commission,is a recent priority within CISA to address operationalconcerns. Many of the identified capability demand areassupport implementing this new operational capability(e.g., Distributed Enterprise Data Management, ML– Large Scale Analytics, ML- SOAR, and Single, CrossProgram Release and Change Management Tool).The ZTA concept is sufficiently mature for demonstrations,so it would also not be expected to have associated R&Dprojects. These gaps between capability demands andactive R&D projects represent opportunities to furtherexplore the state of the art and expected value in initiatingnew R&D projects.CISA Strategic Technology Roadmap Overview4

PROJECTS MAPPEDTO CAPABILITY DEMANDAREASCISA Strategic Technology Roadmap OverviewThe following alignment of Capability Forecaststo the Capability Demand Areas illustratesopportunities for future R&D investments.5

TECHNOLOGYSTANDARDSNew in STRv3 is a method and analysis of technology standardswith risk potential within the scope of the CISA mission. STRexpands the view into future technologies by analyzing proposedtechnology standards that could be disruptive to cybersecurity,critical infrastructure, or emergency communications. CISAparticipation is encouraged with other government agencies tohelp monitor and influence emerging technology standards, andto maintain situational awareness and mitigate potential risks.The table below provides qualitative assessments of varioustechnology standards subjects against risk criteria derived fromCISA’s strategic priorities. Standards with multiple high ratingsmerit additional analysis to understand and mitigate potentialrisks.STANDARDS SUBJECT AREASRISK CRITERIA5GNew IGHPotential to reduce U.S. influence and participationin standards bodies; removes and/or shifts influenceand participation to entities whose intent could resultin negative consequences to U.S. interestsHIGHHIGHMEDIUMLOWHIGHResults in new hardware, interfaces, or protocolsthat could disrupt CISA’s mission to manage cyberand physical risk to the critical infrastructureHIGHLOWHIGHLOWLOWIntroduces new methods of communication orsignificantly changes existing methods, reducingthe effectiveness of CISA to protect and defendHIGHLOWMEDIUMLOWHIGHIntroduces new security mechanisms thatreduce the effectiveness, prevent or otherwisedisable modern security capabilitiesHIGHHIGHHIGHHIGHHIGHSignificantly alters architecture (compute,communications, storage, etc.) in which nosecurity capabilities or reference architecturesexist to protect U.S. interestsLOWMEDIUMMEDIUMLOWLOWPotential to affect entities who performNational Critical Functions (NCFs)Potential to empower, increase capability, and/or otherwise increase effectiveness of rivalsand malicious actorsCISA Strategic Technology Roadmap Overview6

CISA, together with agency partners, currently participates in multiple standards organizations, across a rangeof technical subject Y PPECDFCCATISECDFCCIEEEECDCISA Strategic Technology Roadmap Overview7

Looking beyond a five-year planning cycle, Technology Speculationlooks at new and emerging technologies, technologies with potentialfor capturing significant market share or creating new markets, andtechnologies that present exceptional risks. The Technology Speculationsection focuses on two broad technology areas, each composed ofmany independently evolving technologies: Cross-Platform InformationExchange Management using blockchain technology; and Detecting andCountering Deepfake Technology.TECHNOLOGY SPECULATIONFAKEDETECTING AND COUNTERINGDEEPFAKE TECHNOLOGYCROSS-PLATFORMINFORMATION EXCHANGEMANAGEMENTInformation exchange is fundamental to CISA’smission. However, much of CISA’s informationexchanges occur with decentralized policyenforcement for managing transactional records.This creates several challenges, one of which isthe cross-platform management of informationexchanges through centralized policy enforcementand transactional records tracking. A blockchainplatform, a shared and secured data structure thatmaintains a transactional ledger that is immutable,could address this challenge. This approach wouldsignificantly enhance current means of informationexchange traceability; data lineage tracking andprovenance; smart contracts for access and sharingpolicies; and immutable/tamper-resistant records.CISA Strategic Technology Roadmap OverviewDeepfakes are sophisticated computer-generated videoor audio that is indistinguishable from reality. It was aconcern during the 2020 election cycle and representsan outsized threat to CISA stakeholders and mission. Asdeepfake technology improves, automated detection andflagging of deepfake media will become more important.CISA is interested in monitoring the evolution of deepfakecapabilities and anticipates future developments to protectagainst the use of deepfakes and mitigate occurrences.Today’s deepfake capabilities are identified and mitigatedthrough approaches which are reliant on the inherentlimitations in deepfake production techniques. Theselimitations include absences of certain facial featuressuch as glasses and beards, abnormal or non-existent eyeblinking, inconsistencies in lighting and shadow, and simplefacial overlays. A combination of these limitations and theavailability of detection capabilities will likely minimize nearterm impacts of deepfakes. Future deepfake capabilitiesare not as well understood and expected to be virtuallyimpossible to recognize and counter.8

CONCLUSIONSTRv3CISA has developed the STR iteratively duringthe past three publication cycles—incorporatinglessons learned, improving methods, andexpanding coverage of mission relevant content—and will continue to do so with future versions.In STRv3, CISA further refined methods andbetter aligned publication with the PPBE cycle.These improvements increased the STR’sutility to the greater CISA community. STRv3covers cybersecurity, critical infrastructure, andcommunications—the full spectrum of the CISAmission space.The STR incorporates technology forecastsintegrated from diverse sources. An annual reviewof the forecasted technologies will enable CISAto maintain the situational awareness of futuretechnologies needed to identify trends that mayaffect stakeholder and government use cases,CISA Strategic Technology Roadmap Overviewas well as the continually emerging technologychanges that influence CISA’s technologyroadmap.This annual technology forecasting will reduce therisks for potential technology investment deficitswithin the CISA mission space.Looking further ahead to STRv4, in addition totracking and forecasting capability demands,analyzing new and emerging technologystandards, and speculating on the impact ofover the horizon technologies, new dimensionswill be added to enhance and broaden ourunderstanding of future technologies.We are developing methods to exploredimensions representing the economics ofcertain technologies, as well as technology riskprobabilities in relation to strategic priorities.9

ACRONYMS3GPP3rd Generation Partnership Program5G5th GenerationACESAtomic Clock with Enhanced StabilityAIArtificial IntelligenceAOPAnnual Operating PlanARCOSAutomated Rapid Certificationof SoftwareATISAlliance for TelecommunicationsIndustry SolutionsCADIEEEIETFInstitute of Electrical and ElectronicsEngineersInternet Engineering Task ForceIoTInternet of ThingsIPInternet ProtocolITU-TInternational Telecommunications Union –Telecommunications SectorJACEJoint Analysis Collaborative EnvironmentJCEJoint Collaborative EnvironmentComputer Aided DispatchMLMachine LearningCAPCCyber Analytics and Platform CapabilitiesNCFNational Critical FunctionCASECyber Assured Systems EngineeringNISACCD&ECapability Deployments and EnhancementsNational Infrastructure Simulationand Analysis CenterCISACybersecurity and InfrastructureSecurity AgencyNRMCNational Risk Management CenterNSANational Security AgencyCMECISA Mission EnvironmentOASISCOMP ModsComputable ModelsOrganization for the Advancementof Structured Information StandardsCSDCybersecurity DivisionOPS-5GOpen, Programmable, Secure 5GCTOChief Technology Officeror Office of the CTO (OCTO)PDOProgram Decision OptionsPNTPositioning, Navigation, and TimingCyLabCybersecurity LabPPBED3MData-Drive Discovery of ModelsPlanning, Programming,and Budgeting ExecutionDARPADefense Advanced ResearchProjects AgencyPSAPPublic Safety Answering PointR&DResearch and DevelopmentDDoSDistributed Denial of ServiceRAPResource Allocation PlanDHS S&TDepartment of Homeland SecurityScience and TechnologySCADASupervisory Control and Data AcquisitionSOARDoSDepartment of StateSecurity Orchestration, Automated,and ResponseECDEmergency Communications DivisionSTRStrategic Technology RoadmapEMPElectromagnetic PulseV-SPELLSFBIFederal Bureau of InvestigationFSLTTFederal, State, Local, Tribal,and Territorial partnersXAIVerified Security and PerformanceEnhancement of Large Legacy SoftwareExplainable AIXD3Extreme DDoS DefenseGMDGeomagnetic DisturbanceZTAZero Trust ArchitectureICSIndustrial Control SystemCISA Strategic Technology Roadmap Overview10

DEFINITIONSADOPT: CISA concludes industry and/or government should adopt or encourage adoption of atechnology or capability.DECIDE: An annual decision point has been reached to advance a program, project, technology, orcapability to a next phase (e.g., from Demonstrate to Adopt), stay in the current phase, reset to anearlier phase, or cease further efforts.DEFER: Significant uncertainty exists regarding the potential value and risk associated with thesetechnologies. These items may represent leading edge research and experimentation. Government atlarge may have a role, such as proposed funding streams for quantum research; otherwise, no actionsat this time.DEMO: These items which have seen R&D investment are worth pursuing to understand how to buildup the capability and incorporate it into the operations of a stakeholder or project that can toleratethe risk (e.g., pilot, prototype, large scale experiment). The Demonstrate phase is focused on ensuringthat the value proposition can be maintained while the deployment risk is managed in order to justifyoperational integration.INVEST: These items show significant value potential by improving operations or mission effectivenessand are currently or should be planned for investment (e.g., lab demonstration or experimentation,R&D Funding). The Invest phase is designed to “stabilize” an emerging technology, this may includeexperimentation, hiring of engineering, and developing a strategy for integrating an emergingtechnology into operational capabilities.WATCH: These items are identified as worth exploring with the goal of understanding how it will affectCISA and stakeholder operations and/or improve mission effectiveness or reduce stakeholder risks,justifying further R&D or other investment in the future.CISA Strategic Technology Roadmap Overview11

CISA Strategic Intent14CISA Strategic Intent

new focus area for STR, we expect the analysis method to greatly improve and the findings to increase in value and outcome. Looks beyond the 5-year planning cycle at new and . emerging technologies, technologies with potential . for capturing significant market share or creating new markets, and technologies that present exceptional risks.

Related Documents:

A27c1 Louis Stephens Dr Ext (NL) Little Drive Poplar Pike Lane 0 4 0.72 3,036,000.00 Division 2025 2025 A28b Davis Dr Farm Pond Rd US 64 2 4 1.1 10,056,446.40 Division 2025 2025 A2b Southall Rd Southall Rd (Existing) Hedingham Blvd 0 4 0.28 3,800,000.00 Division 2025 2025 A407b3 NC 42 NC

technology roadmap. These concepts are summarized in the APL Intelligent Systems Framework. Section 2: The Technology Roadmap The major technical elements of the roadmap are presented in this section. Based on envisioned futures formulated by experts from across APL, the technology roadmap is presented in the form of four technology vectors .

GSU STRATEGIC PLANNING PROCESS. The development of . Strategy 2025. was a campus wide endeavor. Details on participants and the . process used are included in the . Strategic Planning Process for Strategy 2025. Questions on the process and implementation steps can be directed to . effectiveness@govst.edu. GSU Strategic Plan 2025. 5

Roadmap identifies technologies that can be available by the 2025-2035 timeframe that generate electricity from fossil fuels with low or no emissions at a cost competitive with other sources of electricity generation. 2018 Roadmap Overview . The 2018 Roadmap reflects the technology development needs that can support an evolving U.S. power

8 NPCC Strategic Plan 2021-2025 Building a resilient tomorrow Mauritius 2020- 2025 and building on the lessons we have learned, the National Productivity and ompetitiveness ouncils (NP ) Strategic Plan 2021-2025, themed uilding a Resilient Tomorrow sets forth our vision, goa ls, objectives and strategies to drive

2019 Commonwealth Research and Technology Strategic Roadmap 10 2. Autonomous systems-The Commonwealth Research and Technology Strategic Roadmap calls upon the following prioritized sub-verticals in autonomous systems (but not limited to): a. Teaming - Coordination and interoperability between land, air and seafaring autonomous vehicles. b.

Aug 23, 2021 · ITU-R Timeline. National Roadmap WG : Mission and Timeline . The 6G Roadmap Working group is a group in charge of developing and maintaining a vision for 6G, a North American 6G roadmap and a timeframe for 6G based on the priorities recommended from the Steering Group. The 6G roadmap will identify the evolutio n

Roadmap Our roadmap is shaped around key themes demonstrating the value to be delivered to our customers. The summary roadmap for 2021 is shown below. We strive to ensure our roadmap is based on the needs and aspirations of our customers and partners, so we welcome all feedback, whether critical, supportive or investigative.