Security funds dry up
- By Florence Olsen
- May 04, 2004
On May 3, federal civilian agencies were put on notice that they could have a harder time next year finding money for certifying their computer systems' security.
Rep. Tom Davis (R-Va.) said the final federal budget for 2005 would probably offer slight increases for security spending for the Defense and Homeland Security departments. But civilian agencies most likely would have less money available for security improvements because of pay parity increases approved by Congress.
Speaking at an industry event sponsored by the Potomac Forum Ltd. and ICG Government, Davis offered his moral support for federal agencies struggling to comply with the Federal Information Security Management Act (FISMA) of 2002.
Davis, chief legislative architect of FISMA, said officials at federal agencies must be creative in finding ways to comply with the law's requirements. But he added that he hopes to convince the rest of Congress to provide more money for FISMA compliance in the future.
"Our [spending] priorities have to be the new systems," he said, noting that in circumstances where money is limited, older systems rank lower.
Davis reminded the audience of federal agency officials of the importance of FISMA compliance. With thousands of unauthorized computer probes daily by those he described as "people who are not our friends," Davis said federal computer systems are increasingly vulnerable to attack.
"I can just tell you from the [intelligence] briefings we get, something is going to happen," he said, adding that the resulting devastation "could dwarf what happened" Sept. 11, 2001.
Davis showed a lighter side when he acknowledged the complaint of one federal official who said the good efforts by the agency where she works get little visibility when congressional grades for computer security are given out at the Cabinet agency level.
For individual agencies' good work, Davis said, Congress probably needs to find some ways to say, "Atta boy."