Agencies can pilot mobile phish-blocking tech through DHS
Technology funded by the Department of Homeland Security to block phishing attacks on mobile devices is now available to agencies to test through a select number of licenses provided by the department.
DHS officials said Thursday that new phishing protections, developed by San Francisco-based Lookout, Inc. and partially funded by the agency’s Science & Technology Directorate, are available for both private and public sector stakeholders.
But per the research contract that funded the project, the S&T Directorate can also use its license agreements to help other agencies pilot the technology on their mobile devices and determine if they want to procure it through a traditional acquisition.
“Phishing protection for mobile never existed before. It’s really important to bring those capabilities to bear,” Vincent Sritapan, program manager for mobile security, told FedScoop. “So we provide licenses — this includes the use of the software and also the labor support to train their people — that’s all a part of the engagement.”
Lookout’s Mobile Endpoint Security platform protects mobile devices from phishing attacks embedded in text messages, apps, social media and email by inspecting outbound network connections — but not their message contents — and warns users when a connection contains risky or malicious content.
Sritapan said agencies, including DHS, already have pilots with Lookout’s Mobile Endpoint Security platform underway, and others can inquire about product testing through S&T’s mobile security R&D program guide. For agencies looking to acquire the technology in S&T’s programs, DHS also helps companies get on the General Services Administration’s IT Schedule 70 through its FASt Lane program.
Lookout was selected by the S&T program through a broad agency announcement in September 2017. As part of S&T’s Mobile Application Security R&D projects, Lookout secured a $1.8 million contract to develop new protections in its Endpoint Security platform.
Those broad agency announcements offer companies the chance to compete for R&D funding to develop products that address certain needs solicited by the government, ranging from counterterrorism to cybersecurity and incident response.
Bob Stevens, Lookout’s vice president of public sector, said the S&T program provides both industry and the government with a valuable resource to develop new innovative solutions to address emerging threats.
“The goal for us and DHS was basically education,” he said. “We want to let people know what’s out there and help them protect their mobile devices. I think DHS has done a great job there. They’re doing a lot to help DHS components as well as their customers, which is the critical infrastructure [providers] in the U.S. They are really helping educate them on what’s required to really protect this space.”
He added that the phishing protection was one of several cyber features that Lookout would be offering that could benefit the government, including risky-app visibility, side load detection, “man-in-the-middle” attack detection and mobile vulnerability management.
