The Northrop Grumman Cybersecurity Research Consortium, a five-year partnership between the defense contractor and three leading computer science universities, has focused on improving mobile and cloud security and on reducing the cost of recovery from cyberattacks, said Robert Brammer, vice president of advanced technology and CTO at Northrop Grumman Information Systems.
The consortium is an important way for university researchers to tackle long-term issues, not just respond to recent attacks, participants said. "There is no silver bullet here," said Ronald Rivest, a computer science professor at the Massachusetts Institute of Technology. "We must aim for steady progress here, not perfection."
Cloud computing has been a high priority for the consortium and for Northrop Grumman customers, Brammer said during a press conference to update the consortium's work. The consortium members, also including Carnegie Mellon University and Purdue University, have been researching how to use low-cost processors to perform specialized encryption tasks in a cloud environment and on digital watermarking technologies as a way to establish the integrity of data, he said.
"These projects have shown the ability in a lab environment to withstand various types of cloud cyberattacks," Brammer said. "We're beginning to test these techniques on larger scale [environments]."
Another research area is focused on infrastructure security, with one project working to optimize the configuration and location of security sensors on computer networks. "Our customers are all interested in reducing the fraction of their IT spending on infrastructure so that they can increase the fraction spent on mission-critical capabilities," Brammer said. "The key question here is, given a certain budget for things like firewalls, intrusion detection systems and prevention systems, how do you get the most bang for your buck?"