Obama Battles GOP over NSTIC Funding

President Obama has threatened to veto House legislation funding the National Institute of Standards and Technology because Republicans failed to include funding for the National Strategy for Trusted Identities in Cyberspace.

See Also: Webinar | Prevent, Detect & Restore: Data Security Backup Systems Made Easy

The administration had requested Congress to appropriate $24.5 million in fiscal year 2013 for NSTIC (pronounced en-stick), a NIST-administered initiative to create an Internet ecosystem in which people can choose from a marketplace of trusted credentials to prove their identities so they can transact business safely online [see A Plan to Improve Online Security].

Congress had appropriated $16.5 million for fiscal year 2012 to get NSTIC rolling. The House version of the appropriations bill does not give NSTIC any money for the fiscal year that begins Oct. 1. A Senate version of the appropriations bill, which the administration backs, provides the full White House request for NSTIC.

"The continued government support of NSTIC pilot projects, as proposed in the president's FY 2013 budget, is required to demonstrate new identity management solutions that will protect individuals, businesses and agencies from cybercrimes," a Statement of Administration Policy issued May 7 states.

Money for NSTIC represents a small percentage of the funding - more than $1 billion - the administration seeks that's absent from the House appropriations bill to fund programs at the departments of Justice and Commerce, where NIST is based, as well as a series of science and research programs, including NASA projects. The White House statement characterized the missing appropriations as investments in areas "critical to the nation's economic growth, security and global competitiveness."

Republicans refused to include the funding, in part, as a move to reduce the federal government's growing, multi-trillion-dollar budget deficit. The administration statement contends the GOP refusal to appropriate the funds reneges on last summer's bipartisan agreement to tackle the growing deficit.

NSTIC is a favorite initiative of White House Cybersecurity Coordinator Howard Schmidt, who in a video interview with Information Security Media Group (see video below) said it should help chief information officers and chief information security officers of all types of enterprises implement identity management solutions beyond usernames and passwords.

But Schmidt said the main reason the government should pursue NSTIC is the benefit it offers to Internet commerce. Plus, he said, it's very doable, "low-hanging fruit."

"It's something we should accomplish relatively easily," Schmidt said in the interview. "The technology exists today. Everybody wants to have an easier time managing their identities, so this is something we said would be a good way to do it, something that private sector can sort of take a lead on this, and help us build this ecosystem."