Monday, August 7, 2017

S 1662 Introduced – FY 2018 CJS Spending

Last month, Sen. Shelby (R,AL) introduced S 1662, the Commerce, Justice, Science, and Related Agencies (CJS) Appropriations Act, 2018. The bill does not specifically mention cybersecurity, but there are a number of places in the Committee Report on the bill that address cybersecurity issues.

DOC Cybersecurity

Most of the Department of Commerce (DOC) cybersecurity funding is made through the National Institute of Standards and Technology (NIST). Thus, it is not surprising that all of the Committee cybersecurity comments are related to NIST. The Committee comments that:

• NIST cybersecurity spending remains constant and “NIST is encouraged to update and enhance the NIST Cybersecurity Framework” (pg 21);
• No less than $33,000,000 is provided for the expanded National Cybersecurity Center of Excellence (NCCoE); (pgs 21-2);
• NIST shall provide a detailed accounting for the NCCoE’s budget and activities in its fiscal year 2018 spend plan (pg 22); and
• The Committee provides up to $2,000,000 to develop an IoT cybersecurity research initiative; the initiative shall seek to improve security of IoT devices in consumer and industrial settings (pg 22).

DOJ Cybersecurity

The situation in the Department of Justice is quite a bit different, with a number of agencies having cybersecurity responsibilities. In general, “the Committee directs the Department to maintain its cybersecurity posture at no less than the fiscal year 2017 level to defend and respond to current and emerging attacks that threaten its own infrastructure and activities” (pg 60). Additionally, the Committee provided specific guidance:

• The Committee increased the spending for the United States Attorney’s Office (USAO) by $4.9 million above the requested amount;
• The increased spending will all the USAO to “provide the high-caliber level of training on cybercrime and digital evidence needed for Assistant U.S. Attorneys to be able to analyze and present digital evidence across all types of criminal cases” (pg 69).
• After noting that the “FBI remains the only agency with the statutory authority, expertise, and ability to combine counterterrorism, counterintelligence, and criminal investigatory resources to neutralize, mitigate, and disrupt illegal domestic computer-supported operations” (pg 74), the Committee provided programmatic increases for cybersecurity activities throughout the FBI;
• The Committee provided $1 million “for the continuation of a Cybercrime and Digital Evidence • Resource Prosecutor Pilot Program to provide State and local prosecutors with training and trial experience in cybercrimes and digital evidence” (pg 92); and
• The Committee provided $1 million “to establish a partnership with an institution for higher learning for the purposes of furthering educational opportunities for students training in computer forensics and digital investigation” (pg 92).

NSF Cybersecurity

The Committee continued funding for cybersecurity research at current levels. Additionally, they provided “no less than $55,000,000 for the CyberCorps: Scholarships for Service program” (pg 118. Of that money, $7.5 million was allotted for continued support of “community colleges that have been designated as a Center of Academic Excellence in Information Assurance 2–Year Education [CAE2Y]” (pg 119).

Moving Forward

As with the other spending bills, it is unlikely in the extreme that this bill will be specifically considered in the Senate. It looks like the two Appropriations Committees will be spending their time working out a continuing resolution and a subsequent combined spending bill. As a result, the money amounts mentioned above are very likely to change before the final spending bill is passed.

No comments:

/* Use this with templates/template-twocol.html */