FBI budget request highlights data analysis, cyber workforce
- By Derek B. Johnson
- Apr 04, 2019
FBI Director Christopher Wray told appropriators at an April 4 budget hearing that the bureau was racing to adapt its resources and practices to account for a "new normal" where significant elements of most criminal and counterintelligence investigations are increasingly carried out in the digital sphere.
A range of growing threats that require combatting nation-state hackers and dismantling botnets as well as fighting against ransomware and distributed denial-of-service attacks is straining the organization's technical resources.
On top of that, the FBI's role assisting state and local governments and private-sector companies -- who often face the same threats but have a fraction of the resources the federal government brings to bear -- has steadily grown as policymakers gain greater appreciation of how successful cyberattacks can have cascading consequences across different sectors and industries.
"Make no mistake, it is a significant challenge, and it exceeds the bandwidth that we have at the moment," Wray told the House Appropriations subcommittee on Commerce, Justice, Science and Related Agencies.
The bureau is requesting an additional $70.5 million to enhance information-sharing abilities and augment its current cyber tools and capacities, as well as add 33 positions. That's on top of its current funding of $452 million in salaries and expenses on 1,981 employees for cyber-related investigations, according to its latest budget request.
Wray said 25 new positions would be primarily dedicated to data analysis, a growing need as criminal investigations in nearly every arena increasingly come with significant cyber or digital evidence components. The sheer amount of data the bureau must ingest, process and analyze has greatly accelerated over the past few years, and Wray indicated those trends will only continue upward in the future.
That reality creates real resource constraints for the FBI, which has struggled to retain its top cyber talent and often can't compete with the higher salaries offered to younger, up-and-coming IT security professionals by Silicon Valley and other sectors. The recent partial government shutdown that left Department of Justice employees without a regular paycheck for five weeks also did no favors to the bureau's recruiting pitch.
Wray highlighted the importance of training programs designed to "improve the median proficiency" of the bureau's existing workforce in IT and computer security fundamentals so that its cybersecurity "black belts" can focus on larger threats, like nation-state hacking groups.
He also said the bureau will need to improve coordination with other sectors, arguing that closer partnership and collaboration with the private sector is more important for cyber crime than any other area the FBI works in.
"There is a swath of cyber-enabled criminal activity that is affecting businesses that is essentially below the level of the most sophisticated stuff that the feds take on but is above the level that currently is in the range of most state and local law enforcement," said Wray.
This same week, the DOJ inspector general reported that errors and inconsistencies stemming from poor data management practices have prevented the bureau from promptly notifying private-sector companies when they are victims of cyber intrusions.
Derek B. Johnson is a former senior staff writer at FCW.