A cybersecurity czar this month — maybe
November 2nd, 2009 | Information Technology | Posted by Gregg Carlstrom
The president has been accused of “dithering” on his Afghanistan strategy review. (Personally, I think he’s right to take his time: Escalating the war is not an easy decision, and when tens of thousands of soldiers are being sent into combat, better to take some extra time to get it right.)
But that’s not the only important decision on which Obama has delayed. There’s also the question of appointing a “cyber czar,” a White House official to coordinate cybersecurity policy. Obama announced the new position in May, during a White House speech on cybersecurity, but the position has remained vacant for more than five months.
The delay is starting to attract criticism. Rep. Jim Langevin, D-R.I., said last week that he was frustrated with the delay. TechAmerica, an IT industry group, put out a press release this afternoon calling on Obama to appoint a czar “at the earliest possible opportunity.”
Tags: Barack Obama, cybersecurity, Mischel Kwon, Rod Beckstrom
House Appropriations approves two bills
June 15th, 2009 | 2010 Budget Agencies Congress | Posted by Rebecca Neal
The House Appropriations Committee approved the Homeland Security and Legislative Branch fiscal year 2010 appropriations draft bills at a markup Friday.
The Homeland Security bill provides $42.63 billion for the agency, compared to President Barack Obama’s $42.83 billion request for fiscal year 2010. In 2009, the agency received $39.98 billion.
The bill cuts $135 million requested for agency operations due to “staffing vacancies, redundant policy initiatives and poorly justified request to consolidate DHS headquarters for those agencies not moving to St. Elizabeths,” according to a committee news release.
The bill includes:
- $10 billion for Customs and Border Protection, $82 million less than Obama requested, due to slight cuts in funding requests for multiple programs. This is $147 million more than the 2009 funding.
- $5.4 billion for Immigration and Customs Enforcement, $30 million less than the president’s request but $439 million more than 2009.
- $382 million for cybersecurity, $19 million less than the president requested and $68 million more than 2009.
The committee also approved the $3.7 billion draft bill to fund the Legislative Branch, $300 million than requested but $600 million more than 2009.
The bill includes:
- $559 million for the Government Accountability Office, $9 million less than the president’s request and $28 million more than 2009.
- $45 million for the Congressional Budget Office, $1.2 million less than Obama requested and $1 million more than 2009.
The House plans to take up the Homeland Security bill Friday and the Legislative Branch bill June 24.
Tags: CBO, CBP, Congress, cybersecurity, GAO, Homeland Security, ICE
How much does cybersecurity cost?
June 15th, 2009 | Defense | Posted by Gregg Carlstrom
Deputy Defense Secretary William Lynn gave a speech at the Center for Strategic and International Studies this morning. He didn’t make any big announcement about the possible Pentagon “cyber command,” as some people had been speculating.
He did, however, rattle off a few interesting statistics about the cost of cybersecurity:
Cyber attacks on our military networks have not cost any lives, not yet. But in a six-month period, the Defense Department spent more than $100 million defending its networks… and we spend billions annually in a proactive effort to protect and defend our networks.
$200 million annually on cybersecurity — and just at one department. (The largest department, I know, but still…)
Tags: cybersecurity, William Lynn
Hathaway is candidate for cybersecurity czar
June 12th, 2009 | Uncategorized | Posted by Rebecca Neal
Melissa Hathaway, the Obama administration’s acting cybersecurity director, said Friday she is one of the candidates being considered for the permanent cybersecurity post.
Hathaway confirmed her candidacy for the “cybersecurity czar” position to reporters after a speech at the Center for Strategic and International Studies, a Washington, D.C. policy group. Hathaway said the administration is considering several candidates but President Barack Obama has not yet conducted any interviews.
Hathaway, who led the White House’s 60-day review of cybersecurity policy, said Obama is deeply interested in improving cybersecurity and his leadership will help institute change.
“It’s personal to him … they’ve tried to hack into his BlackBerry on a regular basis. This president is going to drive this forward, and it’s being raised on a weekly basis,” Hathaway said.
Tags: Barack Obama, cybersecurity
Calm before the storm
May 4th, 2009 | 2010 Budget Homeland Security Regulation | Posted by Gregg Carlstrom
Okay, maybe not the best metaphor, since it’s been raining all day in Washington.
Nonetheless: In the next five days, the Obama administration is probably going to release a more detailed 2010 budget proposal, its cybersecurity review, and the details of the bank “stress tests.”
Busy week. The details of the stress tests have been slowly leaking out — Citigroup and Bank of America both need more capital — and it’s an open secret that the cybersecurity review will call for a big White House role in cybersecurity. But it will be interesting to dig into the specifics. And, of course, there’s the budget, which will surely set off a political firestorm on Capitol Hill. (We’ll have full coverage of the budget after it’s released on Thursday.)
Tags: banks, budget, cybersecurity
Playing offense
April 28th, 2009 | Defense Homeland Security | Posted by Gregg Carlstrom
We’ve done a lot of reporting on cybersecurity over the past few months (cf here, here and here), mostly focused on defense — how the federal government protects itself against intruders.
But the government is also improving its offensive capabilities, a story that gets far less coverage. The New York Times has an interesting article about it this morning:
President Obama is expected to propose a far larger defensive effort in coming days [...]
But Mr. Obama is expected to say little or nothing about the nation’s offensive capabilities, on which the military and the nation’s intelligence agencies have been spending billions. In interviews over the past several months, a range of military and intelligence officials, as well as outside experts, have described a huge increase in the sophistication of American cyberwarfare capabilities.
The whole thing is worth a read. There’s a lot of concern about U.S. defensive capabilities — justified concern, in this reporter’s opinion — but it sounds like the offensive side is in much better shape.
Tags: cybersecurity, hackers
Cybersecurity: Who's in charge?
April 23rd, 2009 | Homeland Security Information Technology | Posted by Gregg Carlstrom
Melissa Hathaway, the official in charge of the White House’s 60-day cybersecurity review, gave a speech last night at the RSA conference in San Francisco. The review concluded last Friday, so there were high expectations around the speech: most experts expected her to announce her findings.
Unfortunately, that didn’t happen, apparently because the administration hasn’t read the final report yet. I’m told that the White House deputies committee is meeting to review it today or tomorrow. So we’ll probably see a final copy early next week.
Hathaway did confirm that the final report calls for the White House to coordinate governmentwide cybersecurity policy. (If you want to watch her whole talk, it’s posted here.)
There was one other item from the RSA conference that caught my attention — details after the jump.
Tags: cybersecurity
Cyberattacks: Where and how
April 14th, 2009 | Information Technology | Posted by Gregg Carlstrom
Symantec has an interesting report out on government IT threats. I’ve uploaded a copy, in PDF form, here. Still digesting the whole (lengthy) report, but it seems like hackers are “diversifying” their attacks — using different approaches than they did in 2007.
U.S. government systems are still popular targets (nearly a quarter of attacks on government systems target the U.S.); most of the attacks come from China, it seems.
Tags: cybersecurity
Beckstrom's resignation letter
March 10th, 2009 | Homeland Security | Posted by Gregg Carlstrom
We’ve got a story up on the Web site about the cybersecurity power struggle between the Homeland Security Department and the National Security Agency. It mentions Rod Beckstrom, the National Cybersecurity Center director who announced his resignation last week. His resignation letter was pretty critical of NSA’s cybersecurity role:
NSA effectively controls DHS cyber efforts through detailees, technology insertions, and the proposed move of… the NCSC to a Fort Meade NSA facility. NSA currently dominates most national cyber efforts… I believe this is a bad strategy on multiple grounds… the intelligence culture is very different than a network operations or security culture…
We’ve posted the whole letter; you can read it here.
Tags: cybersecurity
Employee info compromised in FAA computer breach
February 10th, 2009 | Information Technology Transportation | Posted by Elise Castelli
The Federal Aviation Administration notified 45,000 employees and retirees yesterday that files containing their personal data were hacked and their information was electronically stolen.
The hacker breached 48 FAA files, two of which contained the personal information. Only employees on the payroll as of the first week of February 2006 are affected. Those individuals will be notified by letter and law enforcement has been notified, FAA said.
In a statement FAA said:
The FAA is moving quickly to prevent any similar incidents and has identified immediate steps as well as longer-term measures to further protect personal information. The agency is also providing a toll-free number and information on the employee website for those who believe they may be affected by the breach.
Air traffic control systems and other FAA operational systems were not compromised in the breach, according to the agency.
Tags: cybersecurity, data breach, FAA