Danger Seen In Slashing Infosec SpendDHS Top Cybersecurity Executive Offers Words of Caution
Reitinger, who often testifies on IT security for the Obama administration before congressional committees (see Analysis: Face of Federal IT Security Leadership), made his remarks earlier this month before Congress voted on a final fiscal year 2011 budget and President Obama and House Budget Committee Chairman Paul Ryan, R-Wis., presented their visions of how to cut the federal deficit by trillions of dollars.
"The resources that we in government need are those the president asked for in his budget. We give a lot of thought to the resource requests, and as you can imagine, there is a fair amount of competition in government because there are a lot of missions that we need to accomplish. So we think very, very hard about how much to ask for and where to put."
Reitinger prefaced his remarks on the budget by reiterating his belief that the critical government and private sector IT infrastructure may not remain accessible and reliable during a time of crisis.
"I don't want to tell you that the sky is falling; I come work every day and I get work done," he said. "But I'm telling you that the threat environment is significant, and it is not possible for anyone to stay completely secure. It's just too hard, even for the most concerned agencies or private-sector entities. And, if we believe as our president said that our networks are national security assets, we need to pay significant attention to that problem."
According to the government IT market and research firm Input, the federal government is projected to increase spending on IT security to $13.3 billion in 2015 from $8.6 billion in 2010, an compound annual growth rate of 9.1 percent.
GovInfoSecurity.com, in another interview, asked Sen. Thomas Carper, the Delaware Democrat who chairs a subcommittee with cybersecurity oversight, whether the government should cut IT spending? Carper didn't directly answer that question, but said there's plenty of waste that could be eliminated, such as the check-box compliance requirements of the Federal Information Security Management Act (see Sen. Carper: Federal Infosec Efficiencies Needed).
"There are things we can do to save some money for. And, the last one is to make sure that we're not wasting a billion-and-a-half dollars a year on paperwork exercises that pretend to reflect improvements in our cybersecurity, when they do nothing of the sort," Carper said.
Reitinger, in the interview with GovInfoSecurity.com's Eric Chabrow, also:
- Defended the IT security leadership the federal government provides, in light of a recent GovInfoSecurity.com survey that showed two-thirds of government IT security practitioners questioning such leadership (see Gov't Infosec Pros Question Fed's Security Resolve).
- Addressed efforts by the federal government to assist financially strapped local and state governments in meeting cybersecurity challenges
- Discussed growth in IT security employment at DHS, saying a program to expedite hiring is working well, and DHS isn't experiencing problems recruiting qualified cybersecurity personnel.
Reitinger, in the first part of the interview, discussed the policies behind a new DHS white paper, Enabling Distributed Security in Cyberspace, which addresses how the government working with the private sector can create a new, secure computing ecosystem on the Internet.
Before joining DHS in 2009, Reitinger serves as Microsoft's chief trustworthy infrastructure strategist, responsible for helping improve the protection and security of the nation's critical IT infrastructure. At that job, he worked closely with government agencies and private partners on cybersecurity protection programs to build trustworthy computing systems worldwide.
While at Microsoft, he served as a member Federal Emergency Management Agency National Advisory Council, advising the FEMA administrator on aspects of cybersecurity related to emergency management. FEMA is a unit of DHS.
Reitinger is an expert on computer crime and policy, and previously was the executive director of the Department of Defense's Cybercrime Center, charged with providing electronic forensic services and supporting cyber investigative functions. Before joining DoD, Reitinger served as deputy chief of the computer crime and intellectual property division at the Department of Justice.
Reitinger holds a law degree from Yale Law School and a bachelor degree in electrical engineering and computer science from Vanderbilt University.