Increased funding for cybersecurity has been a bipartisan issue in most 2014 budget proposals. But President Barack Obama and House Republicans do differ in one area for the Department of Homeland Security: network security deployment within the agency’s Office of Cybersecurity and Communications.
The Homeland Security Appropriations Act — scheduled to hit the House floor this week — allots DHS cybersecurity funding at levels almost identical to those in Obama’s recent 2014 budget. But House Republicans think DHS has been leaving money on the table when it comes to implementing its cybersecurity solutions.
In a report the committee submitted on the bill, it explained: “As budgets continue to tighten, the committee cannot allow funds to sit idly for multiple fiscal years. Therefore, reductions to the Network Security Deployment … are attributable to carry-over balances and the inability of the [NSD] to fully obligate the funds provided by Congress.” The bill’s sponsor, Rep. John Carter, R-Texas, chairs the House appropriations committee’s homeland security subcommittee.
Overall, the House’s bill includes $786 million for DHS cybersecurity initiatives, $30 million more than the enacted 2013 spending level, but $24 million less than Obama’s budget does. Nearly all of that $24 million comes from a lower allocation for network security deployment — $382 million compared to $406 million in Obama’s budget. Basically, the two sides agree on funding levels for almost all line items for DHS’s cybersecurity initiatives — coordination, management, computer emergency readiness, business operations, etc. — except deployment.
According to the DHS website, network security development “is responsible for designing, developing, acquiring, deploying, sustaining and providing customer support” for the agency’s cyberprotection systems. Network security deployment funds in 2014 will go toward procuring and installing EINSTEIN 3, DHS third-generation National Cybersecurity Protection System, which defends federal agency infrastructure.
“Specifically, the funds shall be used to provide risk-based, cost-effective cybersecurity to address escalating and rapidly evolving threats to information security, including the acquisition and operation of a continuous monitoring and diagnostic program,” according to the report.
A DHS official said the agency does not comment on pending legislation.