Boehlert says IT security is getting short shrift
Connecting state and local government leaders
Rep. Sherwood Boehlert (R-N.Y.) today said the Bush administration has failed to put its cybersecurity money where its mouth is. <br>
Rep. Sherwood Boehlert (R-N.Y.) today said the Bush administration has failed to put its cybersecurity money where its mouth is.
A year after passage of the Cyber Security Research and Development Act, as well as the more recent Homeland Security Act, 'We're still not devoting anything like a sufficient amount of money to cybersecurity,' Boehlert said. 'It's hard to tell from the [administration's] budget exactly what federal money is going into cybersecurity.'
Boehlert, chairman of the House Science Committee, spoke this morning at a Capitol Hill conference sponsored by the Information Technology Association of America. He and Rep. Tom Davis (R-Va.) called for creation of a senior advisory post for IT security within the Homeland Security Department.
The new department gives the government a chance to centralize IT security efforts effectively, Boehlert said, but it remains to be seen whether that will happen. 'HSD does not seem to be organized or funded in a way that focuses on this,' he said. 'Frankly, the administration has not been especially forthcoming with information to aid congressional oversight.'
Sen. Bob Bennett (R-Utah) advised lawmakers to be patient in judging the new department's progress. He noted that when the Transportation Department was formed in the late 1960s, it needed three years before it was 'up and running.'
The Homeland Security 'Department will not work for at least three years, and that's an optimistic estimate,' Bennett said. 'Don't get carried away with pessimism if we don't get instant results.'
HSD funding for cybersecurity R&D is too low at only $7 million, he said. Despite provisions in the R&D act that made the National Science Foundation the lead agency for cybersecurity work, 'so far it doesn't appear that NSF is implementing the act,' Boehlert said.
The Defense Advanced Research Projects Agency has halved its spending on IT security research over the last two years, he said, and is planning to get out of the field completely.
Boehlert said HSD has not yet failed at ensuring IT security, but he called for greater attention to ensure that doesn't happen.
Sallie McDonald, head of FedCIRC, the federal IT security agency that moved from the General Services Administration to HSD with the creation of the new department, told lawmakers that Homeland Security officials already had such plans.
'I assure you, cybersecurity is a high priority in the department,' she said.
(Updated March 27, 2003, 1:10 p.m.)
NEXT STORY: Leadership selected for new cybersecurity panel