http://www.fcw.com/fcw/articles/2001/0416/web-extra-04-16-01.asp
BY Diane Frank
04/16/2001
President Bushs first budget sets aside funds for two Clinton
administration information security projects and provides modest gains
for governmentwide security initiatives.
The Scholarship for Service program, designed to increase the number
of information security professionals, netted $11.2 million for 2002.
The scholarships pay for the education of students willing to serve as
federal security professionals after graduation. The SFS program,
managed by the National Science Foundation, will award its first
grants in June.
Bush also set aside funds to support his predecessors critical
infrastructure protection initiatives, even though Presidential
Decision Directive 63 expires at the end of fiscal 2001.
The $5 million proposed for the Critical Infrastructure Assurance
Office shows that Bush intends to extend PDD-63 beyond its expiration
date, said John Tritak, director of the CIAO.
Sallie McDonald, assistant commissioner of the General Services
Administrations Office of Information Assurance and Critical
Infrastructure Protection, said that Bushs budget may be just the
beginning of information security funding. Recent congressional
hearings, such as one earlier this month in the House Energy and
Commerce Committee, showed that lawmakers are paying more attention to
security and critical infrastructure protection, McDonald said.
Under Bushs plan, the Federal Computer Incident Response Center
(FedCIRC), the central organization for civilian cyberattack warnings
and response, received a $3 million boost for 2002. Those funds are
earmarked for the continued development of a secure network to
communicate with agencies about vulnerabilities and for a high-speed
voice and fax system to send out alerts when networks are compromised.
Some of the proposed 2002 money will help create a central data
correlation and analysis center at FedCIRC where agencies will
voluntarily feed incident information, said David Jarrell, director of
FedCIRC.
GSA also is slated to get $3.5 million for a federal public-key
infrastructure (PKI) program, which is aimed at getting agencies to
use digital certificates to provide authentication, confidentiality
and authorization for electronic transactions. The program moved to
GSA late last year from the Treasury Department, along with the PKI
Steering Committee and the Federal Bridge Certification Authority,
which will allow agencies to recognize the authenticity of other
agencies certificates.
Some of the 2002 funding will stay at Treasury, which still oversees
the bridges Policy Authority, McDonald said. The bridge is expected be
operational in the next month.
"With that funding, well have the opportunity to supply some seed
money to agencies to start some pilots using the bridge next year,"
she said.
Individual agencies are clearly responding to the new requirements
handed down in the Government Information Security Reform Act, passed
last October. The act requires agencies to implement good security
practices and conduct annual self-assessments.
The Office of Management and Budget is now requiring agencies to
include security plans in their system requests. The security line
items at agencies such as the Federal Aviation Administration, the
Education Department and the Environmental Protection Agency will rise
in 2002.
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Wed Apr 18 01:13 CDT 2001