GrammaTech Awarded IARPA Contract to Develop Cyberpsychology-Informed Defenses

BETHESDA, Md., Feb. 7, 2024 – GrammaTech, Inc., a leading provider of cybersecurity services and tools that improve and accelerate software development, along with University of Newcastle, Australia and Social Machines, today announced they have been awarded a contract from the Intelligence Advanced Research Projects Activity (IARPA), part of the U.S. Office of the Director of National Intelligence, under their Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) Program.

Within this research project, GrammaTech and their partners will work to improve cybersecurity through a new set of cyberpsychology-informed defenses that leverage attackers’ human limitations, such as innate decision-making biases and cognitive vulnerabilities.

This work is critical to advancing knowledge of attacker psychology and developing context-aware defenses. Domains like marketing and e-commerce have long leveraged understanding of human biases to achieve critical objectives. ReSCIND will assess these effects in the area of cybersecurity, and develop attacker-specific defense strategies by identifying the presence of cognitive vulnerabilities and responding directly to them.

GrammaTech will use human studies data and autonomic software tooling to produce software mechanisms that detect biases and perturb the underlying system to challenge attackers, based on their measured cognitive profiles. This will result in a framework for identifying and responding to cyber-attacks, insider threats, and anomalous user behavior in a wide range of systems, software, and use cases.

Ray DeMeo, Chief Growth Officer at GrammaTech, said: “The GrammaTech team is honored to be chosen for this effort. Humans have long been identified as the greatest cybersecurity threat. Most often, the human component is discussed only in the context of the inadequacies of users and system defenders. GrammaTech, with its decades of experience developing security for the hardest mission-critical use cases, will now focus on the behavioral weaknesses of attackers to mitigate their threat effectiveness.”

This research is based upon work supported in part by the Office of the Director of National Intelligence (ODNI), Intelligence Advanced Research Projects Activity (IARPA), via N66001-24-C-4502. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of ODNI, IARPA, or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for governmental purposes notwithstanding any copyright annotation therein.

About GrammaTech:
GrammaTech is a provider of advanced cybersecurity services and leading developer of software-assurance solutions. Originating from the computer science department at Cornell University, the company has a thirty-five-year history of delivering cutting-edge cyber capability in support of government, intelligence and mission-critical infrastructure. GrammaTech technology is used by software developers and system defenders alike, everywhere reliability and security are paramount. It covers threat detection and mitigation, malware analysis, machine learning and automation, migration to memory safe languages, attack surface area reduction, and software supply chain integrity.

GrammaTech is uniquely capable of implementing security across the edge infrastructure stack – software, OT/ICS interfaces, and microelectronics, aligns with today’s unprecedented demand for information processing and inference at the edge.