The short-term bill that keeps the government operating while Congress dithers over the budget debate has cut $20 million from cyber-security funding, far less than the originally proposed $60 million reduction.
Congress passed an interim
law slashing $20 million from cyber-security funding while continuing the
debate on other budget cuts.
The short-term continuing resolution,
signed into law March 2, keeps the government operating till March 18 and buys
the House of Representatives and the Senate time to negotiate other cuts for
the rest of fiscal 2011, which ends in September, and finalizes the federal
budget for fiscal 2012, which starts Oct. 1.
The $20 million reduction is
far less than the original $60 million cut the House had asked for in February
and was achieved by eliminating earmarks. These funds have not yet been
allocated to specific infrastructure protection or information security
projects at the DHS (Department of Homeland Security), according to NextGov.
Previous earmarks from 2009 and 2010 went toward state and local cyber-security
training, a multistate information-sharing and analysis center, and various
analysis and testing centers around the country.
With negotiations for more
cuts under way, other DHS cuts may be in store. A project to install
Einstein-3, a traffic-monitoring system, on federal computer networks may be
targeted next, DHS Secretary Janet Napolitano said at a House hearing on March
The National Cyber Security
Division at DHS plans to install five monitors and nodes on the .gov domain
used by federal agencies. The intrusion-detection system would monitor network
traffic entering or leaving federal computer networks, conduct real-time full-packet
inspection and threat-based decision making, and automatically respond to
certain threats, according to Napolitano.
The system will allow the
federal government to identify and characterize malicious network traffic to
enhance cyber-security analysis, situational awareness and security response,
according to the DHS.
DHS requested $233.6 million
in the 2012 budget for this project, which also includes upgrades to the
existing National Cyber Security Protection System.
Further cyber-security cuts,
either in the rest of 2011 or in the 2012 budget, would "cause significant
delay" in deploying Einstein-3 by as much as two or three years, according to
Napolitano. "And talk about an area where there's urgency, the cyber area has
real urgency associated with it, so we hope we can work with the Congress to
revisit that issue," she said.
A number of security experts
had speculated a network-monitoring
tool would have detected the traffic anomalies caused by Pvt. Bradley
Manning downloading large amounts of classified data. DHS is also worried about
the security risk of sophisticated
hackers sponsored by an unfriendly country breaching federal systems.
President Obama asked for
roughly $1 billion for information security at DHS in his fiscal 2012 budget
proposal unveiled in early February. Cyber threats are "one of the most serious
economic and national security challenges we face as a nation," he said.
DHS also requested $40.9
million to conduct 66 network assessments to improve security across all
federal agencies, $24.5 million for cyber-security training and education, $1.3
million to coordinate cyber-security operations with the Department
of Defense's National Security Agency, $18 million for research and
development projects, and funding to support cyber investigations conducted by
Service and Immigration and Customs Enforcement.
Even so, a current bill in
the House of Representatives (HR 408) proposes reducing DHS fiscal 2012
spending to fiscal 2006 levels, or $10.7 billion less than what the department
had requested for its total budget.