HSD outlines cybersecurity plans
- By William Jackson
- May 15, 2003
The Homeland Security Department plans to establish a cybersecurity research and development center that would be a focus for federal and private R&D efforts, undersecretary Charles McQueary told the House Science Committee yesterday.
McQueary, who heads the department's Science and Technology Directorate, said the center was one of six IT security initiatives the directorate would undertake this year. Although the bulk of the directorate's mission will focus on physical security technology, he reassured the committee that IT security would be a significant part of the mission.
Science Committee chairman Rep. Sherwood Boehlert (R-N.Y.) called the hearing to look into shortfalls of federal funding for research on IT security. The Cyber Security Research and Development Act of 2002 authorized $903 million over five years for R&D. But fiscal 2003 appropriations and proposed 2004 funding 'are significantly below the authorized levels,' the chairman wrote in the hearing charter.
He also complained that it is difficult to find out how much federal money is being spent on R&D for IT security.
Also testifying at the hearing were officials from the Defense Advanced Research Projects Agency, National Science Foundation and National Institute of Standards and Technology.
NSF director Rita Colwell said her agency, a major funding source for private and academic research, doubled its cybersecurity spending between fiscal 2002 and 2003, to $30 million. Another $11 million is available for the Scholarships for Service program. She said the agency's cybersecurity portfolio would be consolidated next year.
'Beginning in fiscal 2004, the entire suite of cyberscurity activities will be managed under one integrated, cross-cutting program called Cyber Trust,' Colwell said.
Director Tony Tether addressed concerns that DARPA funding for information assurance has dropped drastically.
'Let me assure you that we have a robust program in information assurance, and we plan to continue this robust program in the coming years,' Tether said.
He cited one reason for the apparent decline in funding. 'A significant and growing element of DARPA's work in information assurance is classified and cannot be discussed in this forum,' he said.
Committee member Rep. Nick Smith (R-Mich.) questioned the growth of classified work. 'How do you balance the need to protect classified research with the need to utilize key research gains in the private sector,' he asked.
Other IT security initiatives HSD's Science and Technology Directorate expects to take part in this year include:Supporting the Secret Service National Threat Assessment Center and the CERT Coordination Center at Carnegie Mellon University in an assessment of insider threats and defenseFeasibility study for trace-back and geo-location of attack sourcesDeveloping patch verification technology to improve security patch managementDevelopment of technologies for detecting covert threats to critical infrastructureFeasibility studies for the scalability and technology application of Secure Border Gateway Protocol and Secure Domain Name Services.
William Jackson is a Maryland-based freelance writer.