House committee wants data on cyber R&D funds
- By William Jackson
- May 23, 2003
Three agencies this month defended their funding of cybersecurity R&D before the House Science Committee.
Rep. Sherwood Boehlert (R-N.Y.), the committee's chairman, said fiscal 2003 appropriations and proposed 2004 funding for cyber R&D are significantly below the $903 million authorized over five years by the 2002 Cyber Security R&D Act.
Boehlert complained about the difficulty of finding out how much federal money is being spent because there is little program coordination.
Charles McQueary, undersecretary of Homeland Security and head of the department's Science and Technology Directorate, assured the committee that an R&D center is one of six IT security initiatives he will begin this year.Detailed plans
Only one of the directorate's seven mission areas specifically mentions IT security. Despite the apparent imbalance, McQueary testified that his other plans include:
- Support for the Secret Service's National Threat Assessment Center and Carnegie Mellon University's CERT Coordination Center, which are assessing insider threats and defenses
- A feasibility study for trace-back and geolocation of cyberattackers
- Development of a patch verification technology to improve software security management
- Development of technologies to detect covert threats to critical infrastructure
- Feasibility studies for scaling up the Secure Border Gateway Protocol and Secure Domain Name Service.
The National Institute of Standards and Technology will help the department carry out many of its cybersecurity responsibilities, NIST director Arden L. Bement Jr. said.
National Science Foundation director Rita Colwell said NSF next year will consolidate its IT security R&D programs into a single program called Cyber Trust.
As a major funding source for private and academic research, NSF doubled its cybersecurity spending to $30 million in 2003, from $15 million in 2002, Colwell said. Another $11 million is available in the Scholarships for Service program, and the new Cyber Trust program will make more effective use of that money, she said.
William Jackson is freelance writer and the author of the CyberEye blog.