Researchers at PNNL drive innovation in cybersecurity research and application by identifying and leveraging novel human and computational analytical methods and tools to address hard cybersecurity challenges. We integrate human and machine intelligence and data-driven analytical platforms to enhance cyber adversary detection, insight discovery, and situation awareness through greater automation and response acceleration in all aspects of cybersecurity defense.

The Cooperative Protection Program, for example, brings cyber situational awareness of the U.S. Department of Energy (DOE) complex to the Office of the Chief Information Officer, the Integrated Joint Cybersecurity Coordination Center, and local cyber defenders. The Cooperative Protection Program enables DOE cyber defenders by:

• delivering sensing technologies that scale to Tier 1 networks;
• continually improving data collection and cyber analytics through innovative research;
• being a key contributor to the collective DOE cyber information-sharing center; and
• collaborating with the cyber community to share and integrate knowledge, technologies, and methods.

As leaders in cyber- and cyber-physical security experimentation, study, and testing, our researchers steward the design, creation, and operation of security-related research infrastructure and instrumentation. We define methods for the detection and identification of cybersecurity events, including indicators of compromise, actions associated with known threat vectors, and predictive cyber.

Working in step with our sponsors and with partners in government, industry, and academia, we are working to develop and refine methods to advance our cyber situational awareness and harden our nation’s critical infrastructure.