White House ready to spend billions on cybersecurity as threats mount

On Monday, February 12, President Donald Trump issued a 2019 fiscal year budget proposal that sets aside $80 billion for IT and cybersecurity. This is a 5.2% increase and is intended to modernize federal IT. Fearing a loss of public trust, the US government is working to update its approaches, technology, and skillsets to meet today’s critical mission demands and public expectations.

According to the ‘Modernizing Government for the 21st Century: An American Budget’ fact sheet, the Trump administration will announce its reform campaign in March, laying out concrete goals and trackable metrics. The administration aims to improve in a number of critical areas, including cybersecurity. Recognizing that a reform of this scope is not a short-term process, President Trump labeled the new budget as “down payments on this work and foreshadow efforts still to come.”

The funding will help to modernize IT with a focus on productivity and security, and deliver a modernized “21st century framework” for data that provides efficiency, accountability, and transparency. The budget devotes $210 million to the Technology Modernization Fund, which transitions federal IT from legacy systems to modern platforms. Civilian IT funding will receive $45.8 billion, to be split among 4,113 IT investments.

Federal IT cybersecurity
funding by agency
Agency Amount (USD) Purpose
Department of Defense 84 billion R&D to “maintain technical superiority”;
AI, hypersonics, and autonomous systems development
Department of Justice 25 million IT modernization; streamline immigration IT
Department of Homeland Security 1 billion IT streamlining, including information sharing
Department of State 8.2 billion IT modernization, including legacy system and software upgrades
Department of Treasury 25 million IT system protection against cybersecurity threats
Department of Veterans Affairs 4.2 billion Legacy system upgrades; enterprise IT enhancements;
1.2 billion to create an electronic health records system
Department of Energy 95 million Grid infrastructure protection

 

President Trump’s FY2019 budget proposal comes after the US Senate passed the Modernizing Government Technology Act in September 2017 by a vote of 89 to 8. It was made into law in December. The amendment grants $500 million over two years for agencies to fulfill IT modernization needs, including Cloud migration. $210 million of the fund was allocated to the Technology Modernization Fund to modernize federal IT.

The White House recently replaced US CIO Margie Graves with Suzette Kuhlow Kent, who will take on a permanent role within the OMB’s Office of Electronic Government. She will be accountable for federal IT initiatives.

Cybersecurity threats mounting as White House launches its modernization campaign

US intelligence agency leaders have advised that Russia may try to tamper with the 2018 US midterm elections via social media to spread propaganda and false information, as allegedly happened in the 2016 campaign. Other tactics include false-flag personas and sympathetic spokespeople.

At a congressional committee, Dan Coats, director of National Intelligence, affirmed that Russia and malicious actors from other nations are likely to target US and European elections. He said that Moscow believes previous attempts successfully undermined US democracy in 2016 and claimed to have evidence that Russia targeted the US elections last November.

“Frankly, the United States is under attack,” Coats said at the Senate Intelligence Committee’s annual hearing on worldwide threats. Previously, social media company executives, including those from Facebook and Twitter, testified in Congress about Russia’s alleged disinformation drive to influence US voters. Facebook said that 126 million Americans may have already been exposed to Russian-backed political content through its platform over two years.

Coats also said that cyber attacks are on the rise, and suggested that Russia, China, Iran and North Korea pose the greatest cyber threats.

Protect your organization from emerging cybersecurity threats

Cyber criminals do not only threaten federal government. They target state, local, and tribal governments, and businesses of all types and sizes. Organizations must take precautions to mitigate cybersecurity risk and manage breach events that may occur. Implementing an information security management system (ISMS) is an effective measure to safeguard personal data.

Certifying to ISO 27001, the international standard that describes best practice for an ISMS, demonstrates that an organization has implemented the correct data security controls. IT Governance has developed an accredited, practitioner-led course to help you manage an ISO 27001 ISMS implementation program. You will learn about data security regulations compliance, information security risk mitigation, and managing data breach event responses.  Register for the ISO 27001 Certified ISMS Lead Implementer Training Course >>