IS experts hope Biden’s proposal is just the initial installment in a much larger initiative.
U.S. President-elect Joe Biden proposed using $10 billion of the $1.9 trillion in post-CoVID-19 economic recovery funds to support the IT industry and cybersecurity.
According to Biden’s “American Recovery Plan,” about $9 billion will be allocated to the Cyber Security and Information Security Agency (CISA) and the General Services Administration (GSA) to implement projects to modernize cybersecurity and IT. Another $1 billion is proposed for a number of IS and IT initiatives, including:
$200 million for the rapid hiring of security experts to work in the U.S. Office of the Director of Information Security and the General Services Administration;
$300 million for additional Office of General Services IT projects;
$690 million for CISA projects to improve incident monitoring and response at federal agencies.
The increase in funding for IS and IT improvement projects is a direct response to the SolarWinds attack that affected U.S. federal agencies, including the Departments of Treasury, Commerce, Homeland Security, Justice and Energy. As Biden previously noted, the SolarWinds incident is a prime example of a gap in U.S. cybersecurity.
Some cybersecurity experts hope that Biden’s proposal is just an initial installment in a much larger initiative.
“Investing more money in agencies without strategic objectives does not produce the best or at least desirable results. We cannot continue to invest in strategies and technologies already proven ineffective against today’s threats. The initiative needs to be narrowed because the problems are not always due to a lack of funding, but rather inadequate strategy and architecture and poor execution,” says retired U.S. Brig. Gen. Greg Touhill, who was the nation’s first federal chief information security officer.