recommended reading

Sequestration could hurt cyber defense programs

A cybersecurity analyst looks at code in the Homeland Security Department's malware laboratory.

A cybersecurity analyst looks at code in the Homeland Security Department's malware laboratory. // Mark J. Terrill/AP

Impending cuts of about $900 million from Homeland Security Department infrastructure and network protection funds and other federal cybersecurity accounts could knock out support for private sector cyberdefense programs, some budget analysts say.

Research and development grants, forensics equipment for prosecuting cybercrime cases and other corporate network security assistance could be scaled back, the experts said. But front-line security of government networks likely would dodge cuts.

The Obama administration on Friday released initial estimates for dollars that could be subtracted from agency accounts in January 2013. Homeland Security infrastructure protection and information security activities are confronting a $911 million cut under sequestration, unless Congress can pass a budget alternative.

“Deep across-the-board cuts will make it hard for the federal government to demand anything regarding cybersecurity out of industry,” said Christopher Bronk, a former State Department diplomat who is now a fellow in information technology policy at Rice University. The victims could be “the national labs that work on securing the grids,” he said. Energy Department support for cybersecurity industrial control systems “would go away,” creating a situation “where the power companies are pretty much on their own.”

Should sequestration go through, agency accounts would be shrink by roughly equal percentages but departments could choose to reduce programs within accounts in proportion to each activity’s importance, said Ray Bjorklund, chief knowledge officer at federal sector market research firm Deltek. For example, funding for Homeland Security emergency communications may face a steeper cut than cybersecurity.

“You just don’t gut the important missions,” Bjorklund said. “But there probably will be some degree of an impact on cyber -- who knows how the agencies are going to go about it.” Perhaps FBI investigators could see money for evidence collecting and travel get the short-shrift, he said.

Another possibility is the National Science Foundation could pare backing for academic research, Bronk said. The funding that goes to the “universities would be tamped down and that’s where much of the innovation goes on,” he said.

And public-private partnerships within the Commerce Department could be delayed, Bjorklund conjectured. One casualty, for instance, could be the National Strategy for Trusted Identities in Cyberspace, a venture aimed at creating a login network similar to the credit card payment system that would let computer users access separate websites without reentering personal information or creating new passwords.

Wartime cybersecurity operations would not be affected, but Cyber Command hiring and long-term development of offensive cyber weapons could be hurt, White House sequestration planning documents suggest.

“While the Department of Defense would be able to shift funds to ensure war fighting and critical military readiness capabilities were not degraded, sequestration would result in a reduction in readiness of many nondeployed units, delays in investments in new equipment and facilities, cutbacks in equipment repairs, declines in military research and development efforts, and reductions in base services for military families,” stated comments accompanying the projected cuts.

Bjorklund postulated that the pace of the Pentagon’s Plan X rollout may be slower than initially planned. Plan X is a broad initiative to lay the foundation for Defense’s activities in offensive computer warfare operations.

That said, the National Security Agency, which has a classified budget, likely would withstand much of the cost-cutting, Bronk said. NSA, a Pentagon branch, conducts cyberespionage and supports Homeland Security, as well as U.S. Cyber Command activities.

Since its activities are so secret, adversaries still may be left with the impression that the United States has its guard down in cyberspace.

“The bigger risk is to all the other programs and to the foreign perception of U.S. capabilities,” said Jim Lewis, a cybersecurity researcher at the Center for Strategic and International Studies, who advises Congress and the administration. “They would decide we are more vulnerable and less competent.”

He doubts the ax would hit Plan X before the military sets aside money for expected research.

Most observers predict Congress, between the November elections and the end of December, will reach a budget deal because neither Republicans nor Democrats want to see sequestration kick in.

“It’s hard to believe Congress would fumble this badly,” Lewis said.

Bjorklund said, “It’s going to be another brinksmanship between the parties and the White House and the Congress.”

Some pessimists say Washington may not broker an agreement until January, which would mean enduring uncertainty “maybe for a week or for a month. I hope it doesn’t happen but it’s entirely possible,” Bronk said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.