Cybersecurity: Education, Training, and R&D Authoritative Reports and Resources

Much is written on the topics of current gaps in the education and training of a cybersecurity workforce and the need for technology research and development (R&D) to solve cybersecurity technical issues. This CRS report directs the reader to authoritative sources that address these issues. The annotated descriptions of these sources are listed in reverse chronological order, with an emphasis on material published in the past several years. This report also includes resources and studies from government agencies (federal, state, local, and international), think tanks, academic institutions, news organizations, and other sources.

Table 1 provides education and training resources, including scholarships, internships, the cybersecurity workforce, and the National Cybersecurity Centers of Excellence (NCCoE).

Table 2 provides R&D resources, including the Defense Advanced Research Project Agency (DARPA), National Science Foundation (NSF), Department of Defense (DOD), and private industry R&D programs and funding.

The following CRS reports comprise a series that compiles authoritative reports and resources on these cybersecurity topics:

CRS Report R44405, Cybersecurity: Overview Reports and Links to Government, News, and Related Resources, by Rita Tehan

CRS Report R44408, Cybersecurity: Cybercrime and National Security Authoritative Reports and Resources, by Rita Tehan

CRS Report R44410, Cybersecurity: Critical Infrastructure Authoritative Reports and Resources, by Rita Tehan

CRS Report R44417, Cybersecurity: State, Local, and International Authoritative Reports and Resources, by Rita Tehan

CRS Report R44427, Cybersecurity: Federal Government Authoritative Reports and Resources, by Rita Tehan

CRS Report R43317, Cybersecurity: Legislation, Hearings, and Executive Branch Documents, by Rita Tehan

CRS Report R43310, Cybersecurity: Data, Statistics, and Glossaries, by Rita Tehan

Cybersecurity: Education, Training, and R&D Authoritative Reports and Resources

November 21, 2017 (R44406)
Jump to Main Text of Report


Much is written on the topics of current gaps in the education and training of a cybersecurity workforce and the need for technology research and development (R&D) to solve cybersecurity technical issues. This CRS report directs the reader to authoritative sources that address these issues. The annotated descriptions of these sources are listed in reverse chronological order, with an emphasis on material published in the past several years. This report also includes resources and studies from government agencies (federal, state, local, and international), think tanks, academic institutions, news organizations, and other sources.

Table 1 provides education and training resources, including scholarships, internships, the cybersecurity workforce, and the National Cybersecurity Centers of Excellence (NCCoE).

Table 2 provides R&D resources, including the Defense Advanced Research Project Agency (DARPA), National Science Foundation (NSF), Department of Defense (DOD), and private industry R&D programs and funding.

The following CRS reports comprise a series that compiles authoritative reports and resources on these cybersecurity topics:

Cybersecurity: Education, Training, and R&D Authoritative Reports and Resources


Much is written on the topics of current gaps in the education and training of a cybersecurity workforce and the need for technology research and development (R&D) to solve cybersecurity technical issues. This CRS report directs the reader to authoritative sources that address many of these prominent issues. The annotated descriptions of these sources are listed in reverse chronological order, with an emphasis on material published in the past several years. It includes resources and studies from government agencies (federal, state, local, and international), think tanks, academic institutions, news organizations, and other sources related to

  • Table 1—education and training, including scholarships, internships, the cybersecurity workforce, and the National Cybersecurity Centers of Excellence (NCCoE); and
  • Table 2—R&D, including the Defense Advanced Research Project Agency (DARPA), National Science Foundation (NSF), Department of Defense (DOD), and private industry R&D programs and funding.

Table 1. Education and Training

(includes scholarships, internships, cybersecurity workforce, and the National Cybersecurity Center of Excellence [NCCoE])





U.S. Cyber Challenge (USCC)

Center for Internet Security

Continuously Updated

USCC's goal is to find 10,000 of America's best and brightest people to fill the ranks of cybersecurity professionals where their skills can be of the greatest value to the nation.

Information Assurance Scholarship Program

Department of Defense (DOD)

Continuously Updated

The Information Assurance Scholarship Program is designed to increase the number of qualified personnel entering the information assurance and information technology fields within the department. The scholarships also are an attempt to effectively retain military and civilian cybersecurity and IT personnel.

National Initiative for Cybersecurity Careers and Studies (NICCS)

Department of Homeland Security (DHS)

Continuously Updated

NICCS is an online resource for cybersecurity career, education, and training information. It is a partnership between DHS, the National Institute of Standards and Technology (NIST), the Office of the Director of National Intelligence (ODIN), DOD, the Department of Education (ED), the National Science Foundation (NSF), and the Office of Personnel Management (OPM).

Experimental Research Testbed (DETER)


Continuously Updated

The DETER testbed is used to test and evaluate cybersecurity technologies of more than 200 organizations from more than 20 states and 17 countries, including DHS-funded researchers, the larger cybersecurity research community, government, industry, academia, and educational users.

DHS Secretary's Honors Program: Cyber Student Volunteer Initiative


Continuously Updated

The Initiative is for current college students pursuing a program of study in a cybersecurity-related field. Selected students learn about the DHS cybersecurity mission, complete hands-on cybersecurity work, and build technical experience in key areas, such as digital forensics, network diagnostics, and incident response.

National Centers of Academic Excellence (CAE) in Information Assurance (IA)/Cyber Defense (CD)

DHS and National Security Agency (NSA)

Continuously Updated

These programs promote higher education and research in IA and increasing the number of professionals with IA expertise in various disciplines. Postsecondary institutions may receive a CAE/IAE or CAE-R designation that is valid for five academic years. A school must successfully reapply to retain its CAE designation. Students attending these designated schools are eligible to apply for scholarships and grants through the DOD's Information Assurance Scholarship Program (IASP) and the Scholarship for Service (SFS) program.

Cybersecurity Initiative

George Washington University

Continuously Updated

The initiative focuses Interdisciplinary approaches to cybersecurity education, active defense, intellectual property and trade secrets, and workforce development.

Michigan Cyber Range (MCR)

Merit Networks

Continuously Updated

MCR enables individuals and organizations to develop detection and reaction skills through simulations and exercises. This is a partnership between the state of Michigan, Merit Network, federal and local governments, colleges and universities, and the private sector.

Cyber Curriculum (K-12)

National Integrated Cyber Education Research Center (NICERC)



One of the organization's objectives is to develop the nation's cyber workforce through the creation and enhancement of STEM and cyber educational opportunities for teachers and students.

CyberSeek Tool

National Institute of Standards and Technology (NIST)

Continuously Updated

CyberSeek is an interactive online tool designed to make it easier for cybersecurity job seekers to find openings and employers to identify skilled workers. It focuses on cybersecurity education, training, and workforce development. The tool fills in knowledge gaps so policymakers, employers, security professionals, and others will have greater visibility into the demand for cybersecurity professionals around the country, allowing them to see the skills and types of workers that employers are looking for, as well as the true supply of professionals to fill those positions.

National Initiative for Cybersecurity Education (NICE)


Continuously Updated

NICE is an ongoing program to teach Americans sound cybersecurity practices. The program's goals are to enhance the security of the country, improve computer security in the workplace and at home, and prepare future employees in the cybersecurity workforce.

CyberCorps Scholarship for Service

National Science Foundation (NSF)



Provides funds to institutions of higher education (IHE) through two tracks:
(1) Scholarship Track—IHE award scholarships to students in the information assurance (IA) and computer security fields for undergraduate, graduate, and Ph.D. study levels. Recipients also participate in the federal government's summer internship program. (2) Capacity Building Track—IHE funds IA faculty professional development and the development of IA academic programs.

Campus Cyberinfrastructure - Data, Networking, and Innovation Program (CC*DNI)


Continuously Updated

CC*DNI invests in campus-level data and networking infrastructure and integration activities tied to achieving higher levels of performance, reliability and predictability for science applications, and distributed research projects.

NSA Student Programs

National Security Agency (NSA)



Information on internships, fellowships, co-op programs, scholarships, and high school programs for high school, undergraduate, and graduate students.

GenCyber Program




The program sponsors summer camps across the nation designed for elementary, middle, and high school students and teachers that focus on engaging the learners with sound cybersecurity principles and teaching techniques.

Office of Personnel Management



The website is aimed at reaching federal managers, current employees, job seekers, and academic organizations and students. The site is designed as a one-stop shop to better educate those audiences about new federal cyber opportunities and provide resources to help them develop their careers in the field.

SANS Cyber Talent Academies (Vet Success and Women's Immersion)

SANS Institute



The SANS VetSuccess Academy provides U.S. military veterans with advanced technical training, industry-recognized certifications, and connections to high-paying jobs and rewarding careers in cybersecurity. The Women's Immersion Academy is an intensive, accelerated program designed for completion in six to eight months, depending upon program selected. The program is at no cost to the selected women who attend and includes training and certification. The academy is 100% scholarship-based, and includes two to three SANS training courses taught by expert faculty as well as the associated GIAC certifications.

Cyber Career Connection (SC3)




The program provides underserved young adults and veterans with targeted education, training, and certifications that position them to fill in-demand cybersecurity jobs and enter long-term careers. SC3 provides a mix of classroom and hands-on education, followed by on-the-job experience at cybersecurity internships with some of America's leading employers.


U.S. Air Force

Continuously Updated

There are three main programs within CyberPatriot: the National Youth Cyber Defense Competition, Air Force Association (AFA) CyberCamps, and the Elementary School Cyber Education Initiative. CyberPatriot was conceived by the AFA to inspire students toward careers in cybersecurity or other science, technology, engineering, and mathematics (STEM) disciplines.

Safe Online Surfing Internet Challenge: Free Cyber Safety Program Redesigned for New School Year


September 12, 2017

The FBI's Safe Online Surfing (SOS) Internet Challenge—a free, educational program for children that teaches cyber safety—has been redesigned for the 2017-2018 school year, with new graphics and updated content. The new SOS program, created for students in third through eighth grades, covers age-appropriate topics, such as cyberbullying, passwords, malware, social media, and more. The program also provides teachers with a curriculum that meets state and federal Internet safety mandates.

National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework


August 2017

Updated version of workforce framework. Veterans, vocational schools and loan forgiveness could all be key to building tomorrow's cybersecurity workforce.

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure: Workforce Development


July 12, 2017

NIST is seeking information on the scope and sufficiency of efforts to educate and train the Nation's cybersecurity workforce and recommendations for ways to support and improve that workforce in both the public and private sectors. (3 pages)

Best Places to Work for Cyber Ninjas

SANS Institute

May 2017

The report provides a methodology for ranking employers on their success in recruiting and retaining a critical mass of cyber ninjas, names leaders in that ranking among federal IT contractors, and adds substance to the CSIS findings by naming two of the best places to work and by publishing interviews with ninjas who work for those leading employers.

Federal Efforts Are Under Way That May Address Workforce Challenges


April 4, 2017

The statement discusses challenges agencies face in ensuring an effective cybersecurity workforce, recent initiatives aimed at improving the federal cyber workforce, and ongoing activities that could assist in recruiting and retaining cybersecurity professionals. GAO relied on published work related to federal cybersecurity workforce efforts, and information reported by other federal and nonfederal entities focusing on cybersecurity workforce challenges. (21 pages)

Information Technology and the U.S. Workforce: Where Are We and Where Do We Go from Here?

National Academies Press

March 2017

The book explores the interactions between technological, economic, and societal trends and identifies possible near-term developments for work. It emphasizes the need to understand and track these trends and develop strategies to inform, prepare for, and respond to changes in the labor market. It offers evaluations of what is known, notes open questions to be addressed, and identifies promising research pathways moving forward. (198 pages)

Guidance for Assigning New Cybersecurity Codes to Positions with Information Technology, Cybersecurity, and Cyber-Related Functions


January 4, 2017

OPM revised standard data codes for information technology and cyber-related positions. New guidance recognizes nine categories and 31 specialty areas of cyber functions. Using these codes will help agencies better understand their work requirements and skills and compare them to the private sector and academia.

Compensation Flexibilities to Recruit and Retain Cybersecurity Professionals


November 29, 2016

The guidance outlines the special rates under the General Schedule that can be paid to IT management and computer professionals and other incentive tools. For example, agency leaders can offer up to 25% of annual pay bonus for retaining an employee and 10% for a group of employees. There are also relocation incentives and student loan repayment up to $60,000. (25 pages)

NICE Cybersecurity Workforce Framework (NCWF)


November 2016

The publication serves as a fundamental reference to describe how the NCWF provides organizations with a common, consistent lexicon to categorize and describe cybersecurity work. It describes a superset of cybersecurity tasks for each work role and the Knowledge, Skills, and Abilities (KSAs) demonstrated by a person whose cybersecurity position includes each work role. (130 pages)

Cybersecurity Education and Workforce Development


September 21, 2016

Five nonprofits have been awarded NIST grants totaling nearly $1 million for projects supporting cybersecurity education, training, and workforce development. The Regional Alliances and Multistakeholder Partnerships to Stimulate Cybersecurity and Workforce Development projects will run for 15 months and will support students and marketplace stimulation, aligning them with the National Cybersecurity Workforce Framework's sets of tasks and KSAs that define cybersecurity work.

Federal Cybersecurity Workforce Strategy

White House

July 12, 2016

The strategy establishes four key initiatives: (1) Expand the Cybersecurity Workforce through Education and Training, (2) Recruit the Nation's Best Cyber Talent for Federal Service, (3) Retain and Develop Highly Skilled Talent, and (4) Identify Cybersecurity Workforce Needs.

Regional Alliances and Multistakeholder Partnerships to Stimulate (RAMPS)


May 11, 2016

NIST is providing assistance to establish Regional Alliances and Multistakeholder Partnerships to Stimulate (RAMPS) Cybersecurity Education and Workforce Development. Effective multistakeholder workforce partnerships focus on organizing multiple employers with skill shortages in specific occupations to focus on developing the skilled workforce to meet industry needs within the local or regional economy.

Closing Skills Gaps: Strategy, Reporting and Monitoring


April 15, 2016

OPM tasked chief human capital officers with identifying specific skills gaps in their agencies. The memo calls on agencies to develop 4-year and 10-year plans for closing gaps in those areas. (1 page)

Computer Science for All

White House

January 30, 2016

Provides $4 billion in funding for states, and $100 million directly for districts in the President's budget to increase access to K-12 Computer Science by training teachers, expanding access to high-quality instructional materials, and building effective regional partnerships.

Guidance on Recruitment, Relocation and Retention (3R) Incentives


January 15, 2016

OPM has enhanced the ability of federal human resources managers to use recruitment, relocation and retention (3R) incentives to attract or hang onto cybersecurity workers. (1 page)

Cybersecurity Jobs "Heat Map" Initiative

National Institute for Cybersecurity Education (NICE)

October 27, 2015

NIST will fund a project developing a visualization tool that will show the demand for and availability of cybersecurity jobs across the U.S. CompTIA, a nonprofit information technology trade association, in partnership with job market research and analytics company Burning Glass Technologies, received a three-year grant to create a "heat map" visualizing the need for and the supply of cybersecurity professionals across the country.

Increasing the Effectiveness of the Federal Role in Cybersecurity Education

National Academy of Public Administration

October 2015

The study examines two of the nation's leading cybersecurity education programs—the National Centers for Academic Excellence in Information Assurance/Cyber Defense (CAE) program and the CyberCorps: Scholarship for Service (SFS) program. The report covers various aspects of these programs, including funding, performance indicators, curriculum, and designation standards. The report recommends more closely involving the Defense Department, expanding the programs to encompass the entire public sector, incorporating more hands-on elements in the training, and improving metrics to track the programs. (52 pages)

Tech Hire Initiative

White House

March 9, 2015

Under TechHire, 21 regions, with over 120,000 open technology jobs and more than 300 employer partners in need of this workforce, are announcing plans to work together to new ways to recruit and place applicants based on their actual skills and to create more fast track tech training opportunities.

U.S. Department of Energy to Offer $25M Grant for Cybersecurity

White House

January 15, 2015

Vice President Joe Biden and Energy Secretary Ernest Moniz announced a $25 million DOE grant over five years for cybersecurity education. The grant program will establish a Cybersecurity Workforce Pipeline Consortium within the DOE with funding from its Minority Serving Institutions Partnerships Program under its National Nuclear Security Administration. The participants are historically black colleges and universities, national labs, and K-12 school districts.

VetSuccess: Scholarships and Jobs for Veterans in Cybersecurity

SANS Institute and Center for Strategic & International Studies (CSIS)

December 11, 2014

VetSuccess will provide scholarships to 12 Air Force veterans to receive training and certifications in network intrusion detection, incident handling, and cybersecurity foundations. Scholarship recipients will also be matched with highly sought-after jobs in cybersecurity.

Training for High-Growth Information Technology and Cybersecurity Jobs

Department of Labor (DOL)

September 29, 2014

The Trade Adjustment Assistance Community College and Career Training (TAACCCT) competitive grant program funded $450 million in job-driven training grants to nearly 270 community colleges across the country. The program is co-administered by the DOL and ED.

U.S.A. Cyber Warrior Scholarship Program

(ISC)2 Foundation and Booz Allen Hamilton

June 21, 2013

The (ISC)2 Foundation and Booz Allen Hamilton announced the launch of the U.S.A. Cyber Warrior Scholarship program, which will provide scholarships to veterans to obtain specialized certifications in the cybersecurity field. The scholarships are intended to cover all of the expenses associated with certification, such as training, textbooks, mobile study materials, certification testing, and the first year of certification maintenance fees.

Source: Highlights compiled by the Congressional Research Service (CRS) from the sources.

Notes: Listed in alphabetical order by source. Page counts are for documents, other cited resources are web pages.

Table 2. Research and Development (R&D)

(includes DARPA, NSF, DOD, and private industry R&D programs and funding)





Digital Intelligence and Investigation

CERT Software Engineering Institute (Carnegie Mellon)

Continuously Updated

Current tools and processes are inadequate for responding to increasingly sophisticated attackers and cybercrimes. To address this problem, the Digital Intelligence and Investigation Directorate (DIID) conducts research and develops technologies, capabilities, and practices that organizations can use to develop incident response capabilities and facilitate forensics investigations. DIID team members also develop advanced tools and techniques to address gaps that are not covered by existing resources.

Quantifying Software Risk For Consumers

Cyber Independent Testing Laboratory (CITL)

Continuously Updated

CITL has developed ways to score and compare the security of software products, such as web browsers and operating systems.

Transparent Computing

Defense Advanced Research Projects Agency (DARPA)

Continuously Updated

The Transparent Computing (TC) program aims to develop basic technologies that are separable and usable in isolation (e.g., within a given software layer or application environment, such as web middleware) while exploring the best way to integrate multiple TC technologies in an experimental prototype.

Active Authentication


Continuously Updated

Seeks to address active authentication by developing novel ways of validating the identity of the person at the console that focus on the unique aspects of the individual through the use of software based biometrics.

Cyber Grand Challenge


Continuously Updated

Cyber Grand Challenge (CGC) is a contest to build high-performance computers capable of playing in a Capture-the-Flag style cybersecurity competition. During all competition events, fully automated systems will compete with no human involvement. The final competition event will be visualized, narrated, and streamed worldwide. CGC is open at no cost to teams around the world, and the top prize at the final competition event will be $2M.

Rapid Attack Detection, Isolation and Characterization Systems (RADICS)

DARPA and BAE Systems

Continuously Updated

RADICS are testing technologies that can detect and respond to cyberattacks on U.S. critical infrastructure, especially those parts critical to the Defense Department. The goal of the protective technology is to detect and disconnect unauthorized internal and external users from local networks within minutes and create a robust, hybrid network of data links secured by multiple layers of encryption and user authentication.

Cyber Consortium

Fortinet and Palo Alto Networks

Continuously Updated

The consortium seeks to share intelligence on threats across large security vendors and aid a coordinated response to incidents. No customer data is shared, only malware samples. The two companies also extend an open invitation to other security firms to join them, provided these firms can share at least 1,000 samples of new malware executables daily.

QRadar with Watson


Continuously Updated

Watson for Cyber Security augments a security analyst's ability to identify and understand sophisticated threats, by tapping into unstructured data (ex. blogs, websites, research papers) and correlating it with local security offenses.

IEEE Computer Society Center for Secure Design

Institute of Electrical and Electronics Engineers (IEEE) Cyber Security

Continuously Updated

The Center for Secure Design aims to shift some of the focus in security from finding bugs to identifying common design flaws in the hope that software architects can learn from others' mistakes.

Annual Best Scientific Cybersecurity Paper Competition

National Security Agency (NSA)

Continuously Updated

The competition is for scientific papers that show an outstanding contribution to cybersecurity science. The competition was created to stimulate research toward the development of systems that are resilient to cyberattacks. Entries are judged on scientific merit, the strength and significance of the work reported, and the degree to which the paper exemplifies how to perform and report scientific research in cybersecurity.

National Cybersecurity Center of Excellence (NCCoE)

National Institute of Standards and Technology (NIST)

Continuously Updated

The NCCoE is a new public-private collaboration to bring together experts from industry, government, and academia to design, implement, test, and demonstrate integrated cybersecurity solutions and promote their widespread adoption.

Cyber Innovation Center (SAIC)


Continuously Updated

SAIC helps bolster the design of cyber-risk management programs that identify and neutralize cyberattacks and will assist in performing certification and accreditation testing of information technology systems.

UL Cybersecurity Assurance Program

Underwriters Laboratory

Continuously Updated

UL CAP uses the new UL 2900 series of standards to offer testable cybersecurity criteria for network-connectable products and systems to assess software vulnerabilities and weaknesses, minimize exploitation, address known malware, review security controls and increase security awareness.

New Funding Enables Work on Internet Policy and Cybersecurity for Key Infrastructure

MIT's Internet Policy Research Initiative (IPRI)

May 19, 2017

IPRI has awarded $1.5 million to a select group of principal investigators for early-stage Internet policy and cybersecurity research projects. The seed fund grants cover five interdisciplinary projects, with lead researchers from across campus including the MIT Sloan School of Management, the Department of Urban Studies and Planning (DUSP), and CSAIL.

DHS S&T transition to practice program announces 2017 cohort

Science and Technology Directorate's (S&T) Transition to Practice (TTP) program

May 11, 2017

Eight new cybersecurity technologies developed by researchers at federally funded laboratories and academic research centers are ready for the commercial market.

Foundational Cybersecurity Research: Improving Science, Engineering and Research (prepublication copy)

National Academy of Sciences

May 2017

The report focuses on foundational research strategies for organizing people, technologies, and governance. These strategies seek to ensure the sustained support needed to create an agile, effective research community, with collaborative links across disciplines and between research and practice. This report is aimed primarily at the cybersecurity research community, but takes a broad view that efforts to improve foundational cybersecurity research will need to include many disciplines working together to achieve common goals.

Baking Hack Resistance Directly into Hardware


April 10, 2017

DARPA's new System Security Integrated Through Hardware and Firmware (SSITH) program seeks to address the seven classes of hardware vulnerabilities listed in the Common Weakness Enumeration (, a crowd-sourced compendium of security issues that is familiar to the information technology security community. In cyberjargon, these classes are permissions and privileges, buffer errors, resource management, information leakage, numeric errors, crypto errors, and code injection. Researchers have documented some 2800 software breaches that have taken advantage of one or more of these hardware vulnerabilities, all seven of which are variously present to in the integrated microcircuitry of electronic systems around the world. According to research, "Remove those hardware weaknesses, and you would effectively close down more than 40% of the software doors intruders now have available to them."

Consumer Reports to Begin Evaluating Products, Services for Privacy and Data Security

Consumer Reports

March 8, 2017

Consumer Reports is launching the first phase of a collaborative effort to create a new standard that safeguards consumers' security and privacy—and hopes industry will use that standard when building and designing digital products such as connected devices, software, and mobile apps. The goal is to help consumers understand which digital products do the most to protect their privacy and security and give them the most control over their personal data. The standard can also eventually be used by CR and others in developing test protocols to evaluate and rate products—which will help consumers make more informed purchasing decisions.

Snapshot: Turning Back DDoS Attacks

DHS Science and Technology, Homeland Security Advanced Research Projects Agency's Cyber Security Division (CSD)

February 16, 2017

The project is spearheading a three-pronged approach to shift the advantage to network infrastructure defenders. The project's two primary focuses are on (1) increasing deployment of best practices to slow attack scale growth and (2) defending networks against a one Tbps attack through development of collaboration tools that can be used by medium-size organizations. A third project focus addresses other types of denial of service attacks, such as attacks against 911 and Next Generation 911 emergency management systems.

CyLab researchers create network traffic visualization tool to help thwart cyber attacks

Carnegie Mellon

November 7, 2016

Researchers have created a tool that allows visualization of network traffic to more easily identify key changes and patterns. The researchers have used this tool to inspect network traffic during distributed denial-of-service (DDoS) attacks and map out the structure of malware distribution networks.

New tool detects malicious websites before they cause harm

Princeton University Engineering School

October 27, 2016

A new technique hopes to detect malicious websites as early as when the domains are registered.

Shuffling May Be Best Cybersecurity Defense

George Mason University

March 22, 2016

Researchers propose a "moving-target" defense against DDoS attacks. The defense works by repeatedly shuffling client-to-server assignments to identify and eventually quarantine malicious clients.

Rapid Attack Detection, Isolation and Characterization (RADICS) Proposers Day


November 24, 2015

DARPA is interested in technology that can detect network anomalies signaling a threat or attack, map out industrial control systems and analyze system protocols—especially for threats directed at the power grid and related systems. In general, DARPA is seeking an "automation revolution in computer security" so that machines can discover and fix software vulnerabilities within seconds, "instead of waiting up to a year under the current human-centric system."

NSF Awards $74.5 Million to Support Interdisciplinary Cybersecurity Research

National Science Foundation (NSF)

October 7, 2015

The NSF awarded $74.5 million in research grants through the NSF Secure and Trustworthy Cyberspace (SaTC) program. In total, the SaTC investments include a portfolio of 257 new projects to researchers in 37 states. The largest, multi-institutional awards include research to better understand and offer reliability to new forms of digital currency known as cryptocurrencies, which use encryption for security; invent new technology to broadly scan large swaths of the Internet and automate the detection and patching of vulnerabilities; and establish the "science of censorship resistance" by developing accurate models of the capabilities of censors.

Leveraging the Analog Domain for Security (LADS) Program


September 25, 2015

DARPA is soliciting innovative research proposals in the area of enhanced cyber defense through analysis of involuntary analog emissions. Proposed research should investigate innovative approaches that enable evolutionary advances in science, devices, or systems. Specifically excluded is research that primarily results in evolutionary improvements to the existing state of practice.

CyberTwitter: Using Twitter to generate alerts for Cybersecurity Threats and Vulnerabilities, IEEE Computer Society

International Symposium on Foundations of Open Source Intelligence and Security Informatics

August 19, 2016

Describes CyberTwitter, a system to discover and analyze cybersecurity intelligence on Twitter and serve as a OSINT (Open–source intelligence) source. Researchers analyze real time information updates, in form of tweets, to extract intelligence about various possible threats. (8 pages)

Monitoring Side-Channel Signals Could Detect Malicious Software on IoT Devices

Georgia Tech Research Horizons

August 2016

A $9.4 million grant from DARPA could lead to development of a new technique for wirelessly monitoring Internet of Things (IoT) devices for malicious software—without affecting the operation of the ubiquitous but low-power equipment. The technique will rely on receiving and analyzing side-channel signals, electromagnetic emissions that are produced unintentionally by the electronic devices as they execute programs.

DISA Secures $9.7 million from DOD Rapid Innovation Fund Program

Defense Information Systems Agency

July 26, 2016

DISA's Rapid Innovation Fund is pursuing "mature prototypes" of cybersecurity technologies that could be operationalized within two years.

Shuffling May Be Best Cybersecurity Defense

George Mason University

March 22, 2016

Researchers propose a "moving-target" defense against DDoS attacks. The defense works by repeatedly shuffling client-to-server assignments to identify and eventually quarantine malicious clients.

Federal Cybersecurity R&D Strategic Plan: Request for Information


April 27, 2015

In response to the Cybersecurity Enhancement Act of 2014 (P.L. 113-274), federal agencies are developing a cybersecurity research and development strategic plan. On behalf of the agencies, the Cyber Security and Information Assurance Research and Development Senior Steering Group seek public input on research objectives for the plan. The strategic plan is intended to be used to guide and coordinate federally funded cybersecurity research. (1 page)

DHS S&T App Technology Transitions to Commercial Market

Department of Homeland Security (DHS) Science and Technology Directorate

December 5, 2014

DHS announced it would continue funding technology company Kryptowire so the company could further pursue private-sector clients. Kryptowire sells software that identifies security vulnerabilities in mobile applications and archives the results. (1 page)

Hewlett Foundation Announces $45 Million in Grants to MIT, Stanford, UC Berkeley to Establish Major New Academic Centers for Cybersecurity Policy Research

Hewlett Foundation

November 18, 2014

The new programs, established with $45 million in grants from the Hewlett Foundation ($15 million to each school), are supported through the foundation's Cyber Initiative. The foundation has now committed $65 million over the next five years to strengthening the nascent field of cybersecurity, the largest such commitment to date by a private donor.

Sandia cyber-testing contributes to DHS Transition to Practice

DHS and Sandia National Laboratories

September 10, 2014

The Transition to Practice (TTP) program helps move federally funded cybersecurity technologies into broader use. The goal is to generate interest, initiate conversations, and build relationships and business partnerships that put important cyber technologies, including some developed at Sandia, into practice.

Cybersecurity Laboratory and Cybersecurity Research Program at the Computer Research Laboratory (CRL)

Louisiana Tech University Ruston

August 2014

The CRL consists of several unique facilities that include virtualization, visualization, networking, micro-aerial vehicle and sensor networks, and field programmable gate array (FPGA) laboratories. (6 pages)

Big Data and Innovation, Setting The Record Straight: De-identification Does Work

Information Technology and Innovation Foundation and the Information and Privacy Commissioner, Ontario, Canada

June 16, 2014

The paper examines a select group of articles that are often referenced in support of the idea that de-identified data sets are at risk of re-identifying individuals through linkages with other available data. It examines the ways in which the academic research referenced has been misconstrued and finds that the primary reason for the popularity of these misconceptions is not factual inaccuracies or errors within the literature but rather a tendency on the part of commentators to overstate or exaggerate the risk of re-identification. Although the research does raise important issues concerning the use of proper de-identification techniques, it does not suggest that de-identification should be abandoned. (13 pages)

Software Defined Perimeter Working Group

Cloud Security Alliance

December 1, 2013

The document explains the software defined perimeter (SDP) security framework and how it can be deployed to protect application infrastructure from network-based attacks. The SDP incorporates security standards and security concepts from organizations such as NIST and DOD into an integrated framework. (13 pages)

Resilience Metrics for Cyber Systems

(Free registration required to download.)

Seager, Thomas (Arizona State University)

November 2013

Despite their national and international importance, resilience metrics to inform management decisions are still in the early stages of development. The resilience matrix framework developed by Linkov et al. is applied to develop and organize effective resilience metrics for cyber systems. These metrics link national policy goals to specific system measures such that resource allocation decisions can be translated into actionable interventions and investments. The paper proposes a generic approach and could integrate actual data, technical judgment, and literature-based measures to assess system resilience across physical, information, cognitive, and social domains. (6 pages)

A Survey of Cyber Ranges and Testbeds

Defence Science And Technology Organisation Edinburgh (Australia), Cyber And Electronic Warfare Division

October 2013

The document reviews the state-of-the-art cyber range implementations and related computer network operations testbeds. It summarizes recently published examples and describes their purpose and functionality. The compiled information should assist organizations in making an informed decision when considering a cyber-range capability. (38 pages)

20 Critical Security Controls for Effective Cyber Defense

Center for Strategic and International Studies

November 2012

The top 20 security controls were agreed upon by a consortium. Members of the consortium include NSA, the U.S. Computer Emergency Readiness Team, DOD's Joint Task Force-Global Network Operations, the Department of Energy Nuclear Laboratories, Department of State, DOD Cyber Crime Center, and commercial forensics experts in the banking and critical infrastructure communities. (89 pages)

SBIR Phase II: Information Security Risk Taking


January 17, 2012

The NSF is funding research on giving organizations information-security risk ratings, similar to credit ratings for individuals.

Anomaly Detection at Multiple Scales (ADAMS)


November 9, 2011

The report describes a system for preventing leaks by seeding believable disinformation in military information systems to help identify individuals attempting to access and disseminate classified information. (74 pages)

At the Forefront of Cyber Security Research


August 5, 2011

The Team for Research in Ubiquitous Secure Technology (TRUST) is a university and industry consortium that examines cybersecurity issues related to health care, national infrastructures, law, and other issues facing the general public.

Source: Highlights compiled by CRS from the sources.

Notes: Listed in alphabetical order by source. Page counts are for documents, other cited resources are web pages.

Author Contact Information

[author name scrubbed], Information Research Specialist ([email address scrubbed], [phone number scrubbed])