cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

DHS and CISA get into the machine-learning cyber security sandbox game with CAP-M

The year 2022 is feeling like it was the year when organisations around the globe began to take cyber security investment to new heights. The latest organisations to announce new initiatives in the area are the United States’ Department of Homeland Security and Cybersecurity and Infrastructure Security Agency, which recently announced plans to collaborate on a new machine-learning ecosystem focused entirely on cyber security.

user icon David Hollingworth
Tue, 10 Jan 2023
DHS and CISA get into the machine-learning cyber security sandbox game with CAP-M
expand image

The Science and Technology Directorate of DHS will head up the CISA Advanced Analytics Platform for Machine Learning, otherwise known as CAP-M.

The project was once known as CyLab, an initiative that itself dates back to at least the middle of 2021, but the renaming and restating of the project’s aims in a DHS statement last week suggests a new urgency among the agencies involved.

The aim of the CAP-M project is to build a cloud ecosystem for collaborative research and experimentation and analytics. The system will draw on a wide range of data sources, allowing CISA users to essentially develop new responses to old cyber problems.


CAP-M will consist of three key research areas:

  1. Creating a cloud-based sandbox for next-generation training of CISA users.
  2. Researching advanced machine-learning and artificial intelligence tools.
  3. Automating machine-learning loops and workflow automation.

Once the program begins to show results, findings will be shared with other government agencies, as well as with industry and academia.

“Fully realised, CAP-M will feature a multi-cloud environment and multiple data structures, a logical data warehouse to facilitate access across CISA datasets, and a production-like environment to enable realistic testing of vendor solutions,” DHS said in a statement.

“While initially supporting cyber missions, this environment will be flexible and extensible to support datasets, tools, and collaboration for other infrastructure security missions.”

In an online panel talking about the initial CyLab project in July of 2021, Dr Garfield Jones, associate chief at the Strategic Technology Office of CISA, explained the project’s aims.

“Going after the next great buzzword is not what we want to be doing,” Dr Jones said. “We’re addressing the evolving and complex threats that we’re dealing with. And we’re developing these adaptive and flexible environments that use … data to develop these analytical tools to help not only the Federal side … We’re talking about the downstream impact where we can address our mission as the nation’s risk advisor with state and local officials and organisations.

“So we’re really trying to develop these analytical tools to mitigate tomorrow’s threat for everyone.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.