Last month, Sen. Shelby (R,AL) introduced S 1662,
the Commerce, Justice, Science, and Related Agencies (CJS) Appropriations Act,
2018. The bill does not specifically mention cybersecurity, but there are a
number of places in the Committee
Report on the bill that address cybersecurity issues.
DOC Cybersecurity
Most of the Department of Commerce (DOC) cybersecurity
funding is made through the National Institute of Standards and Technology
(NIST). Thus, it is not surprising that all of the Committee cybersecurity
comments are related to NIST. The Committee comments that:
• NIST cybersecurity spending
remains constant and “NIST is encouraged to update and enhance the NIST
Cybersecurity Framework” (pg 21);
• No less than $33,000,000 is
provided for the expanded National Cybersecurity Center of Excellence (NCCoE);
(pgs 21-2);
• NIST shall provide a detailed
accounting for the NCCoE’s budget and activities in its fiscal year 2018 spend
plan (pg 22); and
• The Committee provides up to $2,000,000 to develop
an IoT cybersecurity research initiative; the initiative shall seek to improve
security of IoT devices in consumer and industrial settings (pg 22).
DOJ Cybersecurity
The situation in the Department of Justice is quite a bit
different, with a number of agencies having cybersecurity responsibilities. In
general, “the Committee directs the Department to maintain its cybersecurity
posture at no less than the fiscal year 2017 level to defend and respond to
current and emerging attacks that threaten its own infrastructure and
activities” (pg 60). Additionally, the Committee provided specific guidance:
• The Committee increased the
spending for the United States Attorney’s Office (USAO) by $4.9 million above
the requested amount;
• The increased spending will all
the USAO to “provide the high-caliber level of training on cybercrime and
digital evidence needed for Assistant U.S. Attorneys to be able to analyze and
present digital evidence across all types of criminal cases” (pg 69).
• After noting that the “FBI
remains the only agency with the statutory authority, expertise, and ability to
combine counterterrorism, counterintelligence, and criminal investigatory
resources to neutralize, mitigate, and disrupt illegal domestic
computer-supported operations” (pg 74), the Committee provided programmatic
increases for cybersecurity activities throughout the FBI;
• The Committee provided $1 million
“for the continuation of a Cybercrime and Digital Evidence • Resource
Prosecutor Pilot Program to provide State and local prosecutors with training
and trial experience in cybercrimes and digital evidence” (pg 92); and
• The Committee provided $1 million
“to establish a partnership with an institution for higher learning for the
purposes of furthering educational opportunities for students training in
computer forensics and digital investigation” (pg 92).
NSF Cybersecurity
The Committee continued funding for cybersecurity research
at current levels. Additionally, they provided “no less than $55,000,000 for
the CyberCorps: Scholarships for Service program” (pg 118. Of that money, $7.5
million was allotted for continued support of “community colleges that have
been designated as a Center of Academic Excellence in Information Assurance
2–Year Education [CAE2Y]” (pg 119).
Moving Forward
As with the other spending bills, it is unlikely in the
extreme that this bill will be specifically considered in the Senate. It looks
like the two Appropriations Committees will be spending their time working out
a continuing resolution and a subsequent combined spending bill. As a result,
the money amounts mentioned above are very likely to change before the final
spending bill is passed.
Posts
No comments:
Post a Comment