Insights to Guide Federal Cybersecurity R&D Strategic Plan

In 2018, the National Science and Technology Council (NSTC) began to update the existing Federal Cybersecurity Research and Development Strategic Plan, and issued an RFI soliciting public input. A cross-MITRE team collectively reviewed the prior policy and provided responses ​to the RFI questions for the government's consideration. ​

MITRE has longstanding and significant experience supporting multiple federal agencies on cybersecurity R&D and operations. For the last four years, we have had the honor of operating the nation’s first cybersecurity FFRDC, the National Cybersecurity Center of Excellence, which fosters public-private collaboration to identify and solve today’s real-world cybersecurity threats. We welcome the opportunity to respond to the National Science and Technology Council’s (NSTC) Request for Information (RFI) supporting an update to the 2016 Federal Cybersecurity Research and Development Strategic Plan.

Because of our varied cybersecurity work, MITRE recognizes that there are some hard realities confronting the Government and the nation. These realities have evolved and, in some cases, become more urgent since the release of the 2016 Strategic Plan. Within our response, we describe each of the most critical challenges listed below and used them to shape our responses to each of the questions posed in the RFI:

• The international threat environment has changed since 2016, and more countries are challenging U.S. national interests in cyberspace;
• A new cyber ecosystem is emerging around us;
• To truly make progress on this issue we must expand beyond the Federal Government-centric scope of the 2016 Strategic Plan.