President Donald Trump is proposing to increase funding for cybersecurity at the Department of Homeland Security by $1.5 billion in his budget outline for fiscal year 2018.
The budget outline, a so-called “skinny budget,” is just a high-level outline; a more expansive budget will be released this spring. However, it spells out Trump’s spending priorities, and, as expected, includes a $54 billion increase in defense spending and significant cuts to civilian agencies.
Meanwhile, previewing the budget on Wednesday, Thomas Bossert, assistant to the president for homeland security and counterterrorism, promised an increased focus on cybersecurity by the administration. He also indicated that a major move on federal IT modernization would take time to come together.
Cybersecurity Funding Increase
In the budget outline, released by the Office of Management and Budget, the administration says that it will “safeguard cyberspace with $1.5 billion for DHS activities that protect federal networks and critical infrastructure from an attack.”
Former President Barack Obama’s final budget proposal requested $89.9 billion for IT, representing a 1.3 percent increase from fiscal year 2016, including $19 billion for cybersecurity. Trump’s budget outline did not include total IT or cybersecurity figures.
The budget proposal also calls for more information sharing on cybersecurity threats, though it does not go into detail on how that will be accomplished. “Through a suite of advanced cybersecurity tools and more assertive defense of government networks, DHS would share more cybersecurity incident information with other federal agencies and the private sector, leading to faster responses to cybersecurity attacks directed at federal networks and critical infrastructure,” the outline states.
The budget also indicates that the Defense Department will get more cybersecurity funding. The outline says the budget proposals “begins to rebuild the U.S. Armed Forces by addressing pressing shortfalls, such as insufficient stocks of critical munitions, personnel gaps, deferred maintenance and modernization, cyber vulnerabilities, and degraded facilities.”
“President Trump intends to put his money where his mouth is,” in the budget outline, Bossert told the Center for Strategic and International Studies in a keynote address at its Cyber Disrupt 2017 event Wednesday, according to CyberScoop. “Cybersecurity will be funded through DHS and the Department of Defense.”
Trump’s Spending and Investment Priorities Laid Out
At the event, Bossert said the administration’s cybersecurity priorities “start with those things that we can control the most and the most directly,” according to Federal News Radio.
Those include federal networks and their data, he said, as well as critical infrastructure like the electric grid and financial system. However, Bossert said that “not all critical infrastructure is equally critical, so we will focus in on the most critical of those things. We need to tackle the notion of the security [of] our nation and the American people. Cybersecurity is an area we talk about quite a bit but we have not yet gotten serious about a serious deterrent strategy.”
It’s been unclear how aggressively the Trump administration would pursue IT modernization. The original co-sponsors of the Modernizing Government Technology Act, Reps. Will Hurd (R-Texas) and Gerry Connolly (D-Va.), which would fund IT upgrades across the government, plan to reintroduce the bill after it stalled late last year, The Hill noted.
Bossert said IT modernization is “absolutely critical” to protecting federal networks, and indicated the administration would release more details about its plans in the near future.
“We will pursue that,” Bossert said, according to Federal News Radio. “You will see details in the coming weeks and months of how we will pursue that. It is not easy, but we cannot any longer defend indefensible networks.”
However, Bossert indicated that the White House thinks such an upgrade push will take a year or two to address. “There will not be a budget [outline Thursday] that reflects an overnight modernization of [federal] IT,” he said, according to CyberScoop. “I think that’s somewhere around a $90 billion endeavor that’s going to require … years of investment” and much “thoughtful analysis” to ensure the money is spent wisely.