Many in the federal IT community waited months longer than expected for President Donald Trump to sign an executive order on cybersecurity, wondering, “What will this mean for my agency?” The first concrete answers to that question started showing up last week with the release of the administration’s fiscal 2018 budget proposal, especially for the Department of Homeland Security.
Under the proposal, DHS’ key cybersecurity unit, the National Protection and Programs Directorate (NPPD), would see its budget increase to $3.278 billion, up 6.36 percent from $3.08 billion in fiscal 2017. “As cyber threats evolve, DHS’s intelligence enterprise is evolving to implement real-time prevention and mitigation strategies, and ensure the right people get the right information on time,” DHS’s 2018 budget proposal states.
Overall, the DHS budget proposal for cybersecurity would provide more funding to invest in existing technologies and programs to prevent IT threats. The budget requests $971.3 million “to improve security of the U.S. cyber infrastructure in collaboration with public, private, and international partners.”
However, some programs are getting shortchanged. As CyberScoop notes: “Despite these increases, not every tech element of the department got its funding goosed. Research and development in the DHS Science and Technology Directorate was slashed by $100 million and the allocation for the CIO office was also down $60 million.”
Major Boosts to Cybermonitoring Tools
The Trump administration’s budget proposes spending $279 million on DHS’s Continuous Diagnostics and Mitigation program, which would be more than double the $102.4 million that was allocated in the fiscal 2017 continuing resolution.
The CDM program allows agencies to identify cybersecurity risks on an ongoing basis, then prioritize the risks based upon how severe they might be in an effort to let cybersecurity personnel mitigate the most significant problems first. CDM offers commercial off-the-shelf tools — hardware, software and services — that agencies can access via a central fund.
“This request will allow the NPPD to continue providing the necessary tools and services for all phases of the CDM program that enable Federal and other government IT networks to strengthen the security posture of their cyber networks,” states the DHS’s budget document.
The Obama administration’s final DHS budget request had asked for $274.8 million for CDM.
Another key component of DHS’ cybersecurity efforts is the National Cybersecurity Protection System (NCPS), which includes programs such as Einstein 3A. That specific program monitors federal networks and looks for known or suspect malware signatures and then blocks them.
The 2018 budget requests $397.2 million for NCPS, which would be down $458.3 million, or 13.3 percent, from fiscal 2017. DHS officials told CyberScoop that the Einstein program had finished its large procurement activities, which had driven up the costs for the program in recent years.
“Einstein 3 is fully purchased and almost fully deployed so we are now more in sustainment mode with that program,” Acting Undersecretary for Management Chip Fulghum told CyberScoop. By contrast, he said, CDM would be “still in the acquisition phase” next year.
NCCIC Gets More Investment and Staffing
The DHS budget request includes increased funding for the National Cybersecurity and Communications Integration Center (NCCIC), which serves as a centralized hub within DHS that monitors cyber threats across agencies and critical infrastructure.
“Detecting vulnerabilities, blocking malicious activity, mitigating the impact of intrusions requires innovative technology and an agile workforce, and developing cybersecurity standards to increase security of Federal civilian networks,” the request notes.
The budget would request an additional $42.3 million and 20 full-time employees, which DHS says “will allow the NCCIC to protect private sector entities through the Enhanced Cybersecurity Services program, provide additional threat assessment capabilities, support the growth in demand for analytical products and 24x7x365 operational staffing, and maintain readiness to execute national security/emergency preparedness.”
Those investments, DHS says, would also “provide support to build Federal civilian cyber defense teams and activities to include incident response, red team penetration testing and cyber hunt to improve cybersecurity for all Federal civilian agencies. These activities will ensure adequate capacity for the U.S. government to rapidly and effectively respond to multiple significant incidents or risks.”