A recent GovInfoSecurity.com article indicated that President Obama’s election-year budget calls for the strengthening of government cybersecurity while reducing overall information technology spending by more than a half-billion dollars.
The administrations’ budget, presented Monday, Feb. 13, calls for the government to cap spending on information technology, including IT security, at $78.9 billion in fiscal year 2013. That’s down from $79.5 billion for the current fiscal year, and significantly less than the $82.2 billion spent on IT in fiscal 2011. The Office of Management and Budget suggested that the reduction in overall information technology spending won’t diminish its cybersecurity efforts.
How to spend less and do more? The administration expects to realize efficiencies through a number of cost-saving initiatives, including data center consolidation and the Cloud First initiative to encourage cloud computing.
How is the data center consolidation going so far? The government has closed more than 140 government data centers and could close nearly 1,100 by the end of 2015. As stated in the budget, “Overall, the data center optimization efforts are expected to yield $3 billion to $5 billion in savings. And through the Cloud First policy, agencies are shifting from a capital-intensive model toward a more flexible operational model where they pay only for the services they use. The ultimate goal is to improve service to the American people.”
The plan is still a plan.
Ultimately, congressional legislation determines actual appropriations to spend federal dollars. So it’s not expected that the president’s budget will be adopted because of the continuing partisan divide within Congress, especially during an election year. But the administration’s budget provides a clear roadmap on the direction it wants to take on cybersecurity.
For instance, among the R&D projects the administration envisions to promote a secure and reliable cyberspace are $110 million for the National Science Foundation for research on securing the nation’s critical information infrastructure, and the mostly privately-owned networks which control the flow of money, energy, food and other vital elements of society. The National Science Foundation would work with federal agencies to determine how the money would be spent. In addition, the administration proposes another $57 million for the National Science Foundation for a coordinated cybersecurity research initiative.
Under the administration’s plan, the National Institute of Standards and Technology would receive $86 million above current levels to fund a number of projects, including cybersecurity.
What would go to DHS, DoD and Intelligence Agencies.
The budget proposes $769 million to support the operations of the Department of Homeland Security’s National Cybersecurity Division, and $202 million of the DHS IT security budget would go to improve government-wide continuous monitoring of vulnerabilities in government IT systems.
The budget avoids stating how much the government would spend on defense and intelligence cyber initiatives for reasons of national security. But the budget would fund the Defense Department’s support of cybersecurity efforts at DHS to protect the federal government’s unclassified civilian information technology networks, and would also fund DoD cybersecurity pilots in partnership with DHS to determine how best to protect private-sector operated critical information infrastructures.
The administration’s overall intelligence agencies budget would enhance cybersecurity to protect federal networks, critical infrastructure and America’s economy while improving the security of intelligence networks against intrusion and counterintelligence threats.
The administration also pledged to maintain recent increases in the Justice Department’s programs to combat terrorism threats, including information security initiatives under the Comprehensive National Cybersecurity Initiative.
TalaTek’s ‘Software as a Service’ Enterprise Compliance Management Solution (ECMS) provides efficient and cost-effective Risk Management and compliance services using a Private Cloud Services model.
The TalaTek ECMS dashboard provides visibility to both common control providers and federal clients. This meets the Federal Risk and Authorization Management Program (FedRAMP) goals of increasing the confidence in the security of cloud solutions provided by the common control provider, and increasing the automation and near real-time data for continuous monitoring.
TalaTek’s ECMS assists commercial hosting service providers meet the FedRAMP program goals by:
- Accelerating the adoption of secure cloud solutions through reuse of assessments and authorizations
- Increasing confidence in security of cloud solutions
- Achieving consistent security authorizations using a baseline set of agreed upon standards to be used for Cloud product approval in or outside of FedRAMP
- Ensuring consistent application of existing security practices
- Increasing confidence in security assessments
- Increasing automation and near real-time data for continuous monitoring