recommended reading

Cost of cybersecurity initiative to triple, panel reports

The Bush administration's proposal to defend government networks against cyberattacks will cost $17 billion, nearly three times original estimates, and is so secret that it cuts the public out of the debate on the program, according to a Senate report.

Comment on this article in The Forum.The cost of the National Cybersecurity Initiative, a multiagency effort to defend government information systems with strong defenses against cyberattacks, originally was pegged at $6 billion. Because of the increase in cost, the Senate Armed Services Committee recommended in a report that major elements of the project be scaled back "because policy and legal reviews are not complete and because the technology is not mature."

According to the report, the Bush administration has asked for large sums to field parts of the system as a prototype, a proposal that would not gain approval if held to standards enforced in normal acquisition programs. The Defense Department and the National Security Agency consistently find they are short of funds to develop secure versions of commercial information technology systems, the Senate report said. To increase funding for such systems, the committee suggested Defense and NSA levy a 1 percent "tax" on their budgets for information systems to fund what it called "anticipatory development" to adapt new commercial technologies for government use.

This tax, according to the report, would help Defense and NSA avoid requirements shortfalls, such as NSA's needed high-speed Internet protocol encryption capability, which has been held up because of a lack ofresources.

Committee members added they also were concerned that the umbrella cybersecurity program was designed to support programs outside its core mission, such as foreign intelligence collection and analysis.

The secrecy thrown over the cybersecurity initiative removes the possibility that it would act as a deterrent for potential enemies to attack systems, the Senate report noted. The United States should disclose its cyber capabilities in the same way it divulged its nuclear capabilities during the Cold War, when adversaries knew "what capabilities we possessed and the price that adversaries would pay in a real conflict," the report noted. "Some analogous level of disclosure is necessary in the cyber domain."

The committee also noted a disconnect between the bandwidth requirements of key Defense projects such as the Army's Future Combat Systems, which is intended to create a network of sensors, vehicles and systems on the battlefield, with the increased bandwidth demands of intelligence systems, including unmanned aerial vehicles.

The report directed Defense and the Office of the Director of National Intelligence to conduct a review of the departmentand intelligence bandwidth requirements for the next 10 years and report on their findings within a year. The language also directs the Defense secretary and National Intelligence director to establish a process to ensure that the bandwidth requirements for their major acquisition programs will be met before fielding.

The Senate and House versions of the 2009 Defense authorization bills must be approved by both bodies, with differences between the two bills worked out in a joint conference and then signed by the president before the final bill becomes law.

Threatwatch Alert

Network intrusion / Software vulnerability

Hundreds of Thousands of Job Seekers' Information May Have Been Compromised by Hackers

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.