The Public Eye with Eric Chabrow

Sequestration's Impact on IT Security

OMB Letter Provides Glimpse at Cybersecurity Budget Cuts
Sequestration's Impact on IT Security

Sometimes those in government want you to be scared about the cyber-threat. Leaders such as recently-departed Defense Secretary Leon Panetta have warned of a "cyber Pearl Harbor."

See Also: Zero Trust Webinar: Research Insights Exploring the Actionable, Holistic & Integrative Approach to Security

But at other times, top government leaders play down the cyber-threat - such as the automatic budget cuts known as sequestration.

I don't believe overall that it will actually prove to be catastrophic to our security programs because we prioritize those fairly highly. 

In an interview I had with White House Cybersecurity Coordinator Michael Daniel last week at RSA Conference 2013 in San Francisco, the special assistant to the president minimized the damage the automatic budget cuts would have on protecting the nation's key digital assets [see Obama Cybersecurity Adviser on Legislation, Jobs, Sequestration].

"Undoubtedly, it will have an impact on our ability to keep doing the programs that we've been doing, but I don't believe overall that it will actually prove to be catastrophic to our security programs because we prioritize those fairly highly," Daniel said. "But there's no doubt it will have an impact and a negative one."

Asked which programs would be affected, Daniel responded: "It's a little difficult to predict exactly how that would fall out at this point, but they would undoubtedly slow us down in implementing the programs that we want to implement."

Homeland Security Reductions

According to a letter from Office of Management and Budget Director for Management Jeffrey Zients to House Speaker John Boehner, under sequestration, the Department of Homeland Security's National Protection and Program Directorate infrastructure and information security budget of $1.17 billion for fiscal year 2013, which ends Sept. 30, will be cut by $91 million, or 7.8 percent. Among the Directorate's IT security programs is one to help federal departments and agencies deploy continuous monitoring - continuous diagnostics, in Daniel's vocabulary.

In another interview I had at RSA, Homeland Security Deputy Undersecretary for Cybersecurity Mark Weatherford agreed with Daniel that sequestration won't devastate the department's IT security initiatives [see Keeping IT Secure Under Sequestration].

"I won't say we're going to be made whole, but we're not seeing as big of an impact as some of the other areas [of the budget]," said Weatherford, the highest ranking DHS official solely focused on cybersecurity. "That's recognition that we can't be penny wise and pound foolish. We can't stop and start some of the things that we're doing; some of the acquisitions, some of the programs, some of the hiring. This is too critical for what we're doing for the nation right now."

Weatherford credited good planning as the reason the automatic cuts won't be overly damaging, adding he didn't expect cutbacks on DHS's cybersecurity staff.

NIST Cuts Outlined

Other IT security-related cuts mentioned in the Zients' letter include $1 million out of a $10 million line item for cybersecurity initiatives from the Department of Transportation's Office of the Secretary budget as well as $29 million from $580 million for scientific and technical research and services for the National Institute of Standards and Technology, which develops IT security and information risk management standards for federal agencies.

The Defense Department's budget will be slashed by 7.8 percent, and IT security initiatives could be targeted, although the Zients' letter doesn't provide any details on cybersecurity cuts.

Even with limited cutbacks, should citizens be concerned? Daniel doesn't think so: "There are a lot of reasons to be concerned about the sequester, right? I don't think impacts on federal government cybersecurity would probably be the main driving factors to be worried about of the sequester. But there are plenty of other reasons to be worried about the sequester."

What also should trouble citizens about the sequestration is how we got here: the dysfunctional American government. The same, partisan quibbling that led to sequestration is behind the failure of Congress to agree on a comprehensive cybersecurity bill. It's a sad state of affairs.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.