How many times have Executive Office agencies been hacked? You had the massive Officer of Personnel Management hack last year. The FBI just announced it was the recipient of a massive hack. Many other agencies have been hacked. Many others have successfully fought off hacks. This is a true common sense offering from Mr. Obama
(Washington Post) President Obama is seeking a 35 percent hike in cybersecurity funding in his final budget to boost the capability of the federal government to defend itself against cyberattacks.
The proposed $19 billion request, which represents one of the largest increases ever sought in this area, comes as Congress and the public have witnessed an alarming series of intrusions in recent years against targets ranging from Target and Sony to the Pentagon and the Office of Personnel Management.
The proposal, which will be announced Tuesday morning with the president’s 2017 budget request, is part of a larger package of initiatives the White House is calling the cybersecurity national action plan. (snip)
The money would go toward replacing aging — in some cases decades-old — computer systems with new machines and software, hiring additional skilled personnel, and increasing capabilities at the Pentagon’s Cyber Command and the FBI as well as in civilian agencies such as OPM and the Department of Veterans Affairs, officials said.
Overall, it is not $19 billion more, it amounts to a $5 billion increase in current funding, not $19 billion, as the Washington Post makes it seem. It has $3.1 billion for updating those computer systems and hiring a federal cybersecurity chief. $62 million will go towards offering training to teach cybersecurity, with loan forgiveness offered to those who join the federal government.
The plan itself is the most basic of basics, as explained at Wired.
ENABLE TWO-FACTOR AUTHENTICATION. Update your systems. Maybe get someone who knows what they’re doing to handle your security needs. It’s all the standard advice you’d give a tech novice. It also happens to be the foundation of President Obama’s new Cybersecurity National Action Plan, a long-overdue, comprehensive approach to keeping our country’s digital corridors safe.
That said, Wired doesn’t find it to be a bad plan, because you need to have the most basic of basics in place. The software and hardware do need a vast upgrade. For goodness sake, many still use Windows XP, which Microsoft stopped supporting in 2014. The plan does call for doling out the money in portions, rather than lump sums, in order to make sure it is used correctly and that targets are being hit on time.
Here’s two problems, though. From Wired we learn
It’s an initiative that has noble ambitions but few details attached, especially when it comes to cyberattack response.
From the Washington Post, which really caught my attention
The cyber plan, for instance, calls for the creation of a commission to make recommendations on actions to enhance national cybersecurity over the next decade. It calls for a campaign to urge more people to adopt anti-hacking techniques such as “two-factor†authentication, which combines a password with a fingerprint or a text message code.
Lack of details. A commission to study the problem. One would think that there would be some actual detail when asking for $5 billion more. One would think that there would be more than a few base ideas in dealing with the issue. This is typical Obama: make a big recommendation without concrete plans, expecting others to deal with it. I doubt Congress will have any objection to this, though, they might want a few more details rather than a sticky note. A final big question revolves on how Obama will roll this out: will he take it seriously, or will it just be another time where he “blasts” Congress, attempting to create a fight with Republicans, as he so often does?
Crossed at Right Wing News.
The great minds in Congress should be able to come up with a good plan. And they control the purse.
Look how long the GOP has been controlling the purse and then look at our deficits
Actually Jeffery, spending on cybersecurity has increased greatly. It seems to be more of an issue of implementation (the spending of those funds) rather than the money.
Even so, for an agency – any agency – not to have upgrades for cyber security built into the capital improvement budgets and overall budget requests shows how inefficient and lackadaisical isolated people inside the beltway can be.
Throwing money at a problem is not always the answer.