NIST announced that this is the first FFRDC solely dedicated to enhancing the security of the nation's information systems. It will work in conjunction with NCCoE, a public-private information-sharing collaboration that brings together experts from industry, government and academia – it was established in partnership with the state of Maryland and Montgomery County in February 2012.
NCCoE has been ramping up its efforts of late. Last week, the center announced formal partnerships with 11 private companies: Cisco Systems Inc., Hewlett-Packard, HyTrust Inc., Intel Corp., McAfee Inc., Microsoft Federal Civilian Services, RSA, Splunk Inc., Symantec Corp., Vanguard Integrity Professionals and Venafi Inc. – they have all pledged to contribute hardware and software components and share best practices and personnel with the center.
“Cybersecurity is one of the toughest technical challenges facing the nation today,” said Under Secretary of Commerce for standards and technology and NIST director Patrick Gallagher, in a statement. “NIST looks forward to working with these top private-sector companies and our state and federal partners in Maryland to help the National Cybersecurity Center of Excellence jumpstart its work to better protect our vital IT infrastructure and business information.”
Now, the notice of intent for the FFRDC funding is open for comments through June 22 of this year, and will be followed by a solicitation in the fall for proposals to manage the FFRDC in the autumn of 2013.
"The FFRDC model is the most effective way the center can work with private companies to accelerate industry's adoption of integrated tools and technologies to protect IT assets," said Gallagher. "NIST has a long history of successful collaboration with industry, and this approach leverages our top cybersecurity experts while allowing the center to be as nimble as possible."
FFRDCs are independent, nonprofit R&D organizations financed by the US federal government, with a high level of access to government and supplier data. They include national labs and observatories, and essentially act as a non-biased instrument to marshal physical, scientific and engineering resources and talent across both public and private sectors for whatever dedicated purpose. In this case, that purpose will be cybersecurity.
According to its proposed mission statement, the NIST FFRDC will provide various types of support to tackle cybersecurity issues, “including research, development, engineering and technical support to devise, test and demonstrate integrated technical solutions to difficult cybersecurity challenges; program and project management of FFRDC collaborative efforts; and management and operations of the NCCoE facility,” it said.
While the level of funding has not yet been determined in this case, the nation's 40 other FFRDCs spent $17.8 billion on R&D in fiscal year 2011, according to a recent report from the National Science Foundation. Federal funding accounted for 97.6%, or $17.4 billion, of the FFRDCs' total expenditures. The remaining $190 million in expenditures were funded by businesses, nonprofit organizations ($61 million), state and local government ($27 million), and other sources ($146 million).
More than $850 million of the total was supplied by funds from the American Recovery and Reinvestment Act of 2009.