More money is needed for cybersecurity, researchers say

More money is needed for cybersecurity, researchers say

The federal government has failed to provide leadership and, more importantly, funding for research on cybersecurity, representatives from academia and industry told a congressional panel today.

'First and foremost, we need money,' William A. Wulf of the National Academies of Science and Engineering told the House Science Committee. 'There has never been a funding agency that believed it was responsible' for funding basic research on computer and network security, he said.

Wulf, president of the National Academy of Engineering, testified during a hearing on network security that government funding has concentrated on short-term, quick-fix programs that have failed to attract top talent. As a result, 'very little progress' has been made in computer security.

Eugene Spafford, director of the Center for Education and Research in Information Assurance and Security at Purdue University, said research funded with private-sector money produces proprietary results that cannot be published, making it professionally unattractive to academics. He said legal restrictions, such as the Digital Millennium Copyright Act, make some research impossible.

Asked how much money was needed to adequately fund security research, Terry A. Benzel, vice president of advanced security research for Network Associates Inc. of Santa Clara, Calif., put it at an order of magnitude greater than what is being spent now. The problem is, no one knows how much is being spent now.

Said Wulf, 'I don't think it's an issue of a lot of money. If you gave us $100 million today, I don't know that we could spend it.' What is important is a long-term commitment to funding that will attract serious scientists, he said.

About the Author

William Jackson is a Maryland-based freelance writer.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.