As the financial meltdown continues, there has still been plenty of attention on cybersecurity within the Beltway. Note these three events last week in Washington.
Budget increases. President Obama's proposed 2010 budget includes $42.7 billion for the Department of Homeland Security with cybersecurity spending included in this sum. Additionally, the budget allocates $355 million to the National Cyber Security Division. There are a few additional items that affect cybersecurity.
A new cybersecurity report. A new report from Dartmouth College's Institute for Information Infrastructure Protection (I3P) was delivered to U.S. Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine), who serve as the chairperson and ranking member of the Senate Committee on Homeland Security and Government Affairs, respectively. The report recommends a coordinated response across the government and the private sector, coordinated metrics to assess progress, and an increasing focus on cybersecurity education.
The National Institute of Standards and Technology (NIST) is revising its "Guide to Enterprise Telework and Remote Access Security," first published in 2002. While NIST is a federal government entity, this is an excellent set of guidelines for any organization providing remote access to its network for employees and third parties. NIST is asking for comments to this new publication, NIST 800-46 Revision 1, by March 27.
As a security professional, I am always worried that security concerns will be ignored when times get tough. It is nice to see that the Obama administration recognizes the scope of cybersecurity issues and is willing to fund efforts to address these problems rather than take the old "security by obscurity" approach.