The Institute for Information Infrastructure Protection (I3P), an organization managed by Dartmouth, is one of 34 recipients awarded a contract for cyber security research and development by the Department of Homeland Security Science and Technology Directorate (DHS S&T).
“The I3P is a leading national consortium addressing a broad range of cyber-security issues, and this award illustrates the impact of the I3P’s research,” says Interim Provost Martin Wybourne, the chair of I3P. “Dartmouth is proud to lead this vital organization and we are delighted to further our research with the support of the award from the Department of Homeland Security.”
The I3P has received $3 million in funding from DHS S&T for a three-year project researching Computer Security Incident Response Teams (CSIRTs), in particular examining what makes and sustains an effective CSIRT. A CSIRT is a group of experts that assesses, documents, and responds to cyber incidents so that affected networks can recover quickly and avoid future incidents.
CSIRTs can assist in preventing or responding to hypothetical attacks such as those mentioned in an October New York Times article. In the article, Defense Secretary Leon Panetta is quoted discussing a potential “cyber-Pearl Harbor” and the threat of adversaries who “could derail passenger trains, or even more dangerous, derail passenger trains loaded with lethal chemicals. They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”
Shari Lawrence Pfleeger, director of research for the I3P, says CSIRTs can also prevent and respond to more common attacks affecting large numbers of people, such as viruses that prevent ATMs or credit cards from working. For the many groups and organizations vulnerable to these attacks, such as banks, government agencies, and the military, effective CSIRTs are a necessity.
“The Department of Homeland Security project is an important one, because it addresses the effectiveness of how teams respond to cyber security incidents,” says Pfleeger. “The I3P excels at multi-institution, multi-disciplinary projects, and this one is no exception.”
Pfleeger says collaborators on the project include the Tuck School of Business, Hewlett-Packard, and organizational psychologists at George Mason University.
“I’m thrilled to be working with the I3P on our recent DHS grant exploring team effectiveness of CSIRTs,” says Bill Horne, research manager, cloud and security lab at Hewlett-Packard Labs. “The I3P is one of the few organizations I know of that can draw on researchers from a wide range of fields to approach complex problems in security in novel ways.”
The I3P is a federally funded consortium of 28 universities, national laboratories, and nonprofit organizations that conduct cyber security research. Dartmouth manages the consortium, and the small operations staff is based on campus. Since its founding at Dartmouth in 2002, the I3P has worked to build communication among academic, industrial, and governmental organizations while developing technologies to address infrastructure vulnerabilities.
Pfleeger says the results of this project will be far-reaching.
“The lessons learned on this project,” says Pfleeger, “will help improve incident response teams worldwide.”
In October, member institutions gathered in Washington, D.C., to commemorate I3P’s 10th anniversary.