Short-Term Budgeting Threatens American Cybersecurity
At a time when cybersecurity concerns are front-and-center for the federal government -- particularly in light of questions over to what extent cyber vulnerabilities were exploited during the 2016 election – ongoing reliance on short-term budgeting could be exacerbating the problem, according to a piece by Federal Times’ Jessie Bur.
Among the impacts of the use of short-term continuing resolutions – bills that continue to fund the government for weeks and months, rather than laying out priorities and spending levels for the full Fiscal Year – is an inability on the part of some federal employees to sufficiently respond to cyber threats. Unfortunately, the problem persists whether or not the government is shutdown, so long as federal managers are unable to know their programs’ funding levels and budgets.
“Agencies cannot begin to spend dollars until they are appropriated, and if their planning, their execution, their identification of contractors, identification of which tools they need happens and we end up with a fiscal year where only five months are actually appropriated, it’s too short of a time frame to effectively complete that, deploy the activity and get the dollars obligated for a contract,” said Trey Hodgkins, the Information Technology Alliance for Public Sector’s senior vice president in testimony to the House Homeland Security Committee.
This week, the U.S. Senate passed its fourth continuing resolution since the Fiscal Year began in 2018. The next continuing resolution is slated to expire on February 8th. Also expected in February: a draft of President Trump’s budget proposal for Fiscal Year 2019. Thus, even if Congress were to pass a longer-term budget following the expiration of the current continuing resolution, the “long-term” measure would only cover seven months of the full budget year.
Among the fixes that could help agencies weather the vulnerabilities posed by budget instability is an ongoing improvement of the data provided through the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) program.
Said Frank Dimina, data specialist Splunk’s area vice president for federal, “Today, CDM data presented in the federal dashboard is summary data. Like a photograph, summary data provides a snapshot in time, but lacks the fidelity of a live video feed. Providing DHS analysts with greater detail and drill-down capability would significantly enhance their ability to protect the homeland.”
Posted in Featured News