The promise of technology transfer

Research wranglers at the Department of Homeland Security are rounding up the next herd of federal cybersecurity technologies, to set them free on the commercial range in hopes of establishing hardier breeds of gear and capabilities.

In mid-December, DHS's Science and Technology directorate will showcase its latest lineup of cybersecurity technologies developed in federal research labs in hopes of transferring the technology to the commercial market for adaptation and development.

The Dec. 16 showcase in Washington, D.C., is the latest attempt by DHS to bolster the cybersecurity posture of federal users, as well as interlinked commercial users such as critical infrastructure providers -- and the broader public as well.

Among the technologies DHS is looking to commercial industry to embrace is a test bed that continually evolves to support research into cybersecurity for critical infrastructure networks. Another might allow law enforcement officers to conduct on-the-spot electronic forensics on mobile devices in the field, instead of sending a device to a lab.

The department’s Transition to Practice (TTP) technology transfer effort -- for which the showcase is a public face -- can lead to more secure federal IT down the road, said Doug Maughan, director of S&T's Cyber Security Division.

The TTP operation has been moving technology from federal labs to the private sector since 2011, and its primary goal is to push technologies that have been developed at federal agencies out to a wider pool of potential commercial developers. Better cybersecurity technology returning to DHS as a result of the program's effort, Maughan said, can be a side benefit. And that interplay is particularly important in the interconnected environment of cybersecurity.

"Cybersecurity is not a private or a government problem. It's a joint problem," agreed Mike Pozmantier, program manager for S&T Transition to Practice operations.

The TTP program, Pozmantier said, doesn't yield a monetary benefit for DHS, but it does help cybersecurity efforts in the long run by exposing technologies developed at sometimes-cloistered government research and development shops to the wider research world.

"We get better cybersecurity leading the way and we get more research," he said, allowing technological development to continue on the private sector’s dime.

Changing the game

Technologies that emerge from federal research labs were probably developed with a specific purpose in mind for a particular agency, Pozmantier said, but they hold potential for other users.

TTP finds commercial companies that can take development of the technology further. Typically, he said, the technology is licensed by the original agency to the commercial developer. The resulting commercial product, Pozmantier and Maughan explained, can bring more sharply defined products to federal and commercial IT users alike.

In September, Los Alamos National Laboratory signed its biggest technology transfer agreement ever with private cybersecurity technology company Whitewood Encryption Systems. In that deal, Los Alamos licensed a next-generation secure data encryption technology after nearly 20 years of development.

Quantum key distribution harnesses light photons to generate random numbers, creating cryptographic keys at lightning speed, according to the lab. Whitewood will use the Los Alamos-developed technology as the foundation of its initial product, a scalable quantum key management system and pay licensing fees or royalties for the technology and develop commercial products using it.

Cybersecurity experts have said the technology could be a game-changer for all sectors, including federal agencies. According to Los Alamos, any third-party attempts to eavesdrop on secure communications between quantum key holders disrupts the quantum system itself, so communication can be aborted and the snooper detected before any data is stolen.

China emphasized the importance of quantum key technology in late October when it announced it was rolling out a 1,200 mile-long fiber optic link between Beijing and Shanghai that uses quantum encryption -- this version developed in China -- that it said will be theoretically unhackable. The project is funded by the Chinese government and, according to Chinese authorities, is a response to Western cyber espionage. China, in turn, has been the lead suspect in a series of hacks on U.S. government entities over the past few years.

Pozmantier said a quantum key product for commercial and government use should come out of Whitewood by April. Whitewood Encryption Services' owner Allied Minds has said the firm’s goal is to have a hardware module for quantum random-number generation and a scalable quantum key management product available in the second quarter of 2015.

And if the TTP team has its way, the December showcase will help show them the next technologies that are ready to break from the herd.