President Barack Obama’s last budget includes $19 billion for a package of “sweeping” measures to beef up the security of the nation’s computer networks.
The administration wove the initiatives together in its $4 trillion 2016 budget proposal as the Cybersecurity National Action Plan (CNAP), which it said would enable “long-term improvements in our approach to cybersecurity across the federal government, the private sector, and our personal lives.”
The budget request for the plan represents a 35% increase above current spending.
“The federal government — which is obligated to protect the information provided to it by the American people — has a unique responsibility to lead,” President Obama wrote in an op-ed in the Wall Street Journal. “But the fact is we still don’t have in place all the tools we need, including ones many businesses rely on every day.”
The plan would, among other things, establish a panel of experts to advise the government on ways to improve its cybersecurity and protect citizens’ data, create a federal chief information security officer (CISO), and increase coordination between federal officials who focus on privacy issues.
Roughly $3 billion of the funding would go toward an information technology modernization fund, which would update the computer systems used by federal agencies. After the U.S. Office of Personnel Management reported in June that hackers had compromised its systems, a major review of the government’s “legacy” computer systems concluded they were not designed to withstand modern cyberattacks.
Security firms applauded the proposal, but also warned that the CISO would be ineffective, unless given direct power over the government’s cybersecurity infrastructure.
“Obviously it is a step in the right direction, but in many ways, it is just one more level of bureaucracy,” Avivah Litan, research vice president with business intelligence firm Gartner, told eWEEK.
The Wall Street Journal questioned whether Congress will approve the budget request. “Republicans have already signaled that they are not going to consider many parts of the White House’s budget request this year, dimming the chances of any new cybersecurity funding being approved,” it said.