by Kenneth Corbin

Obama wants more cybersecurity funding and a federal CISO

Feb 11, 2016
CybercrimeGovernmentGovernment IT

In the final budget of the Obama administration, the White House is looking to boost spending on security, hire more experts and partner with the private sector.

Credit: Reuters/Kevin Lamarque

Cybersecurity will be one of the Obama administration’s chief technology priorities as it makes its case for an IT budget estimated at $89.9 billion for fiscal year 2017, a plan that officials say aims to boost hiring of security experts and better harmonize the efforts to protect digital systems across the federal government.

Additionally, the White House issued an executive order establishing a commission to develop long-term recommendations on improving cybersecurity in the government and private sector, and another calling for the formation of a federal privacy council, an interagency panel to promote efforts to safeguard citizens’ information across the departments and agencies of the government.

[ Related: Government ranks last in fixing software security holes ]

In total, the administration is seeking $19 billion to fund its cybersecurity efforts next year, which would amount to a 35 percent increase over the level that Congress approved for fiscal 2016.

White House officials explained on a conference call that the cybersecurity initiatives are closely coupled with the broader efforts to update the government’s use of technology.

“We have connected very deeply in this budget both the modernization of our IT with the modernization of our approach to how we handle cybersecurity,” says J. Michael Daniel, special assistant to the president and the cybersecurity coordinator for the National Security Council.

“In particular,” Daniel adds, “we believe it is critically important that we begin to address the underlying structural weaknesses that we have in federal cybersecurity by modernizing our underlying IT, by updating the governance structures that we have so that agencies can actually manage their cybersecurity more effectively by accessing much more common and shared services across the government, and investing in or people so that we have the adequate resources concentrated in the right places so that agencies can effectively carry out their cybersecurity missions.”

[ Related: Government security workers have a big data problem ]

The budget proposal also expands on the government’s efforts to transition to cloud-based systems, adopt provisioned services and move toward an agile software development model. At the same time, departments and agencies are shedding hardware as they consolidate data centers and incorporate shared services into their IT operations.

Many of the administration’s technology proposals aren’t particularly controversial — there is general agreement on the need to shore up critical systems and the potential for streamlining government IT through new delivery methods like cloud computing — but other provisions drew prompt condemnation from Republican lawmakers.

[ Related: Government cloud adoption efforts lag as security concerns persist ]

House Speaker Paul Ryan (Wis.) declared the proposal “dead on arrival,” blasting Obama’s budget for adding to the deficit and including a measure that he says would drive up fuel prices.

“This isn’t even a budget so much as it is a progressive manual for growing the federal government at the expense of hardworking Americans,” Ryan says in a statement.

Partnering government staff with private sector IT experts

The White House is asking for a modest 1.3 percent increase in the IT budget, pitching technology as a vehicle for improving government services. A central piece of that effort is the Digital Service team the administration has formed, a team of IT experts — many drawn from the private sector — who work with the in-house staff at various agencies to improve their technology operations.

U.S. CIO Tony Scott notes that the Digital Service team has helped improve the website and teamed with the Department of Education roll out an online college scorecard. Looking ahead, the administration is hoping to scale up the Digital Service to work with 25 federal agencies.

“I’m very excited about that particular plan,” Scott says.

On the security side, the White House is calling for a “cybersecurity national action plan” that would identify short- and long-term steps that agencies can take to protect both their digital systems and consumer privacy.

Under that program, the administration is creating the Commission on Enhancing National Cybersecurity, and is establishing the new position of a federal CISO. The plan also calls for a $3.1 billion IT modernization fund to help agencies phase out legacy systems.

The administration is billing its plan as a public-private partnership, and is partnering with technology heavyweights like Facebook, Google and Microsoft to promote multi-factor authentication to enhance the security of users’ accounts.

Additionally, the budget proposal earmarks $62 million for programs to educate, train and recruit cybersecurity experts. That’s an area where officials say the government struggles to bring in top talent — a situation Scott expects to continue for the foreseeable future.

“There’s no expert I’ve ever talked to anywhere in this space who thinks that the cybersecurity challenges are going to get easier as we go forward,” Scott says. “Everybody’s prediction is this gets to be increasingly challenging, and we need the right people in place to go help address these challenges.”