U.S. Funds Sought For Security R&D

Telecom Policy Report, August 15, 2005

The latest round of pocketbook policy-making has the Bush administration and lawmakers being urged to pay more budget attention to funding programs on cyber security concerns. The Cyber Security Industry Alliance (CSIA) recently urged the White House and the U.S. Congress to escalate cyber security research and development efforts.

The Arlington, Va.-based public policy and advocacy group released a report seeking "immediate action" and calling on the federal government to prepare a long-term cyber security R&D plan and to increase federal funding to "strengthen the resiliency of the information infrastructure and ensure the U.S. maintains its competitive edge in information technology."

In analyzing the current state of cyber security R&D, CSIA offers funding recommendations while stressing the need for a national "vision" for the security, reliability and resiliency of information infrastructure networks. CSIA also voices concern over the dissolution of the President's Information Technology Advisory Committee (PITAC), which emphasized in a recent report the need to elevate the priority level of cyber security R&D. CSIA's report also outlines its support for the PITAC-recommended federal priorities for cyber security R&D investment during the next 10 years.

"The crisis in leadership in cyber security R&D will hold long-term implications for the U.S. if it is not addressed soon," says Paul Kurtz, executive director of CSIA. "The reasons for the recent lapse of the PITAC remain unclear, but its dissolution is a blow to the R&D community. The loss of this independent committee's expertise and advice reduces the priority level of cyber security R&D, which will continue to dissipate without an advisory body to oversee R&D,"

PITAC's R&D priority areas for cyber security include: authentication technologies; secure fundamental protocols; secure software engineering and software assurance; holistic system security; monitoring and detection; mitigation and recovery methodologies; cyber forensics; modeling and testbeds for new technologies; and metrics, benchmarks and best practices. PITAC was chartered by Congress under the "High-Performance Computing Act of 1991," and it was formally renewed through presidential executive orders; the latest Executive Order expired June 1, 2005.

Kurtz, however, maintains "the PITAC recommendations endure despite the committee's lapse, and it is imperative, now more than ever, to act on them." He is buoyed by a Department of Homeland Security (DHS) decision to name a new Assistant Secretary for Cyber Security and Telecommunications (TPR, July 18).

Money Good, But Not Without Objectives

CSIA says an increase in funding will not produce better results unless clear, long-term priorities for cyber security R&D are established. A combination of clear priorities and increased funding can create a larger pool of experts to examine in-depth security issues that plague networks as well as develop improved technologies to ensure secure, stable and reliable information networks. Its funding recommendations include:

* Creation of an entity (such as the new DHS post) designated to coordinate private and government cyber security efforts.

* Development of a national long-term plan for security.

* Heightened congressional involvement in the form of hearings to review the state of federal funding for R&D.

* Co-mingling private and government cyber security R&D funding to create more R&D opportunities and benefit the private sector.

"Research and development can play a major role in helping to address many of the current and emerging cyber security threats if the programs are properly funded and managed," says Dr. Burt Kaliski, vice president of research at RSA Security and chief scientist at RSA Laboratories who chaired the industry team that advised CSIA on its suggestions to the Administration and to Congress.

In its letter to Congress, the Information Technology Association of America recently expressed concerns that federal lawmakers in the House and Senate need to shore up gaps in DHS appropriations bills and to restore funding in several areas. Also, the Telecommunications Industry Association (TIA) says it has stepped up its advocacy for more U.S. funding of basic research into communications technologies, including its establishment of a division devoted solely on efforts to support increases in federal outlays (TelecomWeb news break, Aug. 12).

[Copyright 2005 Access Intelligence, LLC. All rights reserved.]