Published: Thursday, September 8, 2011
IU's REN-ISAC receives $800,000 NSF grant for cybersecurity initiative
FOR IMMEDIATE RELEASE
Sept. 8, 2011
BLOOMINGTON, Ind. -- The National Science Foundation (NSF) has awarded $800,000 to the IU-operated Research and Education Networking Information Sharing and Analysis Center (REN-ISAC) to develop new capabilities to collect and share cybersecurity threat data and intelligence.
"There is too much of a lag between the development of intelligence and actions that cybersecurity professionals can take," said Doug Pearson, REN-ISAC technical director and principal investigator on the grant. "The new tools we are developing will aid discovery, reduce lag time and enrich threat intelligence, thereby making our partner institutions more secure."
REN-ISAC is an integral part of U.S. higher education's strategy to improve cybersecurity through monitoring, analysis, early warning, dissemination and response. It also facilitates collaboration within the higher education and research communities, engaging trusted institutional member representatives in protecting and responding to threats and events within the sector. REN-ISAC represents the R&E community as a trusted partner in the National Council of ISACs, and in commercial, governmental and private security information sharing relationships.
The NSF grant will fund the continued development of REN-ISAC's Security Event System (SES), an open source tool that improves protection, response and action against cybersecurity threats. The system collects and correlates intelligence regarding threat and bad actor Internet elements. SES is aimed specifically at breaking down organizational boundaries to improve community security.
The second phase of SES development -- the Collective Intelligence Framework (CIF) -- integrated a vast array of data from private partners, public sources and mining, to provide intelligence supporting reputational knowledge and forensic history of Internet elements. SES/CIF, through deployment in REN-ISAC, directly supports cybersecurity protection and response in the higher education and research communities.
The third phase of development, SESv3 -- funded by the NSF grant -- is aimed at sharing intelligence among discrete trust federations including R&E, industry, government and law enforcement. "Wes Young and Gabriel Iovino, REN-ISAC principal security engineers, deserve recognition for vision, design, and execution," Pearson said. "In particular, Gabe for making sure we didn't jump off too many cliffs and Wes for helping us jump off some cliffs."
SESv3 will enrich threat identification, knowledge and understanding by incorporating additional data types; permit massive scaling of the repository; and incorporate SES/CIF interaction into common incident analyst and responder tools. Additionally, SESv3 will encourage more robust and timely actions for cybersecurity protection and response.
The REN-ISAC mission is to aid and promote cybersecurity operational protection and response within the higher education and research (R&E) communities. The mission is conducted within the context of a private community of trusted representatives at member institutions, and in service to the R&E community at large. REN-ISAC serves as the R&E trusted partner for served networks, the formal US ISAC community, and in other commercial, governmental, and private security information sharing relationships. REN-ISAC is supported through the IU Office of the Vice President for Information Technology, member institutions, and with assistance from Louisiana State University, Internet2, EDUCAUSE, and the IU Center for Applied Cybersecurity Research. For more information, see http://www.ren-isac.net/.