Senate appropriators are proposing a slight increase in overall operations and procurement accounts for the Department of Homeland Security’s (DHS) cyber security efforts, including additional funds to accelerate a program that protects helps protect the networks of federal civilian departments and agencies.
The Senate Appropriations Committee (SAC) is recommending $992.6 million for operations and support, and procurement within the DHS National Protection and Programs Directorate (NPPD). The budget recommendation, outlined in SAC Chairman Thad Cochran’s (R-Miss.) Nov. 21 mark of the FY ’18 DHS spending bill, is $26 million more than requested.
The NPPD includes the government’s around the clock cyber watch center, called the National Cybersecurity and Integrations Center, or NCCIC, computer emergency response teams, and operations related to the government’s intrusion detection and prevention platform called Einstein, and the Continuous Diagnostics and Mitigation (CDM) program that monitors federal civilian networks for potential cyber threats.
Cochran’s mark provides $103 million for CDM, almost $10 million more than requested. The increase is to accelerate the second and third phases of the program and move rapidly on the fourth phase. The first phase of the program is aimed at acquiring tools so that federal agencies can inventory their networks and manage vulnerabilities.
Phase 2 of CDM focused on access controls and privileges, and security related behavior management to give authorities information about who is on the networks, while the third phase provides tools for incident response, risk management, and boundary protection to better understand what is happening on the network. The fourth phase, which was added after the program began, is aimed at protecting data on the network.
“Recognizing the ever-changing cybersecurity landscape and increased vulnerabilities to data, the committee encourages NPPD to expedite the program strategy to evolve beyond network protections by also including data protections,” says an explanatory statement accompanying Cochran’s mark.
The House Appropriations Committee in July marked up the DHS spending bill, providing $91.7 million for CDM within NPPD’s operations and support account. DHS is requesting $93.8 million for CDM operations and support.
For the National Cybersecurity Protection System, better known as Einstein, a press release issued by Cochran says the committee is providing $294 million for the platform that DHS uses to monitor traffic into and out of federal networks, as well as provide analytics and the ability to share information with public and private stakeholders. The monitoring tools include detection and prevention of potential cyber threats.
The committee’s recommendation for Einstein is $3 million above the request to accelerate pilot programs mandated by Congress in 2015 to “acquire, test, and deploy technologies as rapidly as possible” to improve detection capabilities for cyber threats entering and exiting federal networks.
Cochran’s mark includes $210.8 million for the NCCIC, which links federal, state, local, tribal and territorial (SLTT) government stakeholders, as well as the private sector to enhance the nation’s cyber situational awareness. The panel says that SLTT governments are lagging in their abilities to share cyber threat information and want DHS to do something about it.
The committee is providing $3 million more than requested “for the establishment of pilot programs to explore and evaluate the most effective methods for cybersecurity information sharing, focusing on regional information sharing, communications and outreach, training and education, and research and development for the improvement of SLTT government capabilities and capacity,” Cochran’s statement says.
The committee also wants NPPD and the Federal Emergency Management Agency to provide a brief on the types of assistance that DHS gives to SLTT governments and law enforcement agencies to protect their networks.
“The committee is concerned that some SLTT law enforcement agencies may lack the expertise or resources needed to defend themselves against cyber-attacks,” the statement says.