Security funds dry up

On May 3, federal civilian agencies were put on notice that they could have a harder time next year finding money for certifying their computer systems' security.

Rep. Tom Davis (R-Va.) said the final federal budget for 2005 would probably offer slight increases for security spending for the Defense and Homeland Security departments. But civilian agencies most likely would have less money available for security improvements because of pay parity increases approved by Congress.

Speaking at an industry event sponsored by the Potomac Forum Ltd. and ICG Government, Davis offered his moral support for federal agencies struggling to comply with the Federal Information Security Management Act (FISMA) of 2002.

Davis, chief legislative architect of FISMA, said officials at federal agencies must be creative in finding ways to comply with the law's requirements. But he added that he hopes to convince the rest of Congress to provide more money for FISMA compliance in the future.

"Our [spending] priorities have to be the new systems," he said, noting that in circumstances where money is limited, older systems rank lower.

Davis reminded the audience of federal agency officials of the importance of FISMA compliance. With thousands of unauthorized computer probes daily by those he described as "people who are not our friends," Davis said federal computer systems are increasingly vulnerable to attack.

"I can just tell you from the [intelligence] briefings we get, something is going to happen," he said, adding that the resulting devastation "could dwarf what happened" Sept. 11, 2001.

Davis showed a lighter side when he acknowledged the complaint of one federal official who said the good efforts by the agency where she works get little visibility when congressional grades for computer security are given out at the Cabinet agency level.

For individual agencies' good work, Davis said, Congress probably needs to find some ways to say, "Atta boy."

Featured

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

  • Cybersecurity
    enterprise security (Omelchenko/Shutterstock.com)

    Does Einstein need a post-SolarWinds makeover?

    A marquee program designed to protect the government against cybersecurity threats is facing new scrutiny in the wake of Solar Winds Orion breach, but analysts say the program was unlikely to have ever stopped the hacking campaign.

Stay Connected