recommended reading

Sequestration could hurt cyber defense programs

A cybersecurity analyst looks at code in the Homeland Security Department's malware laboratory.

A cybersecurity analyst looks at code in the Homeland Security Department's malware laboratory. // Mark J. Terrill/AP

Impending cuts of about $900 million from Homeland Security Department infrastructure and network protection funds and other federal cybersecurity accounts could knock out support for private sector cyberdefense programs, some budget analysts say.

Research and development grants, forensics equipment for prosecuting cybercrime cases and other corporate network security assistance could be scaled back, the experts said. But front-line security of government networks likely would dodge cuts.

The Obama administration on Friday released initial estimates for dollars that could be subtracted from agency accounts in January 2013. Homeland Security infrastructure protection and information security activities are confronting a $911 million cut under sequestration, unless Congress can pass a budget alternative.

“Deep across-the-board cuts will make it hard for the federal government to demand anything regarding cybersecurity out of industry,” said Christopher Bronk, a former State Department diplomat who is now a fellow in information technology policy at Rice University. The victims could be “the national labs that work on securing the grids,” he said. Energy Department support for cybersecurity industrial control systems “would go away,” creating a situation “where the power companies are pretty much on their own.”

Should sequestration go through, agency accounts would be shrink by roughly equal percentages but departments could choose to reduce programs within accounts in proportion to each activity’s importance, said Ray Bjorklund, chief knowledge officer at federal sector market research firm Deltek. For example, funding for Homeland Security emergency communications may face a steeper cut than cybersecurity.

“You just don’t gut the important missions,” Bjorklund said. “But there probably will be some degree of an impact on cyber -- who knows how the agencies are going to go about it.” Perhaps FBI investigators could see money for evidence collecting and travel get the short-shrift, he said.

Another possibility is the National Science Foundation could pare backing for academic research, Bronk said. The funding that goes to the “universities would be tamped down and that’s where much of the innovation goes on,” he said.

And public-private partnerships within the Commerce Department could be delayed, Bjorklund conjectured. One casualty, for instance, could be the National Strategy for Trusted Identities in Cyberspace, a venture aimed at creating a login network similar to the credit card payment system that would let computer users access separate websites without reentering personal information or creating new passwords.

Wartime cybersecurity operations would not be affected, but Cyber Command hiring and long-term development of offensive cyber weapons could be hurt, White House sequestration planning documents suggest.

“While the Department of Defense would be able to shift funds to ensure war fighting and critical military readiness capabilities were not degraded, sequestration would result in a reduction in readiness of many nondeployed units, delays in investments in new equipment and facilities, cutbacks in equipment repairs, declines in military research and development efforts, and reductions in base services for military families,” stated comments accompanying the projected cuts.

Bjorklund postulated that the pace of the Pentagon’s Plan X rollout may be slower than initially planned. Plan X is a broad initiative to lay the foundation for Defense’s activities in offensive computer warfare operations.

That said, the National Security Agency, which has a classified budget, likely would withstand much of the cost-cutting, Bronk said. NSA, a Pentagon branch, conducts cyberespionage and supports Homeland Security, as well as U.S. Cyber Command activities.

Since its activities are so secret, adversaries still may be left with the impression that the United States has its guard down in cyberspace.

“The bigger risk is to all the other programs and to the foreign perception of U.S. capabilities,” said Jim Lewis, a cybersecurity researcher at the Center for Strategic and International Studies, who advises Congress and the administration. “They would decide we are more vulnerable and less competent.”

He doubts the ax would hit Plan X before the military sets aside money for expected research.

Most observers predict Congress, between the November elections and the end of December, will reach a budget deal because neither Republicans nor Democrats want to see sequestration kick in.

“It’s hard to believe Congress would fumble this badly,” Lewis said.

Bjorklund said, “It’s going to be another brinksmanship between the parties and the White House and the Congress.”

Some pessimists say Washington may not broker an agreement until January, which would mean enduring uncertainty “maybe for a week or for a month. I hope it doesn’t happen but it’s entirely possible,” Bronk said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.