On Monday, the Obama administration released a budget of $3.8 trillion with a request of close to $80 billion to be allocated to IT spending for 2011. In terms of information security, the administration is seeking to improve broadly in three areas; improving identity management, shift to a real-time security posture and cyber incident information sharing.
Identity management is a central issue for any cyber security team. Ensuring that the right person is able to access the appropriate level of information is essential for government cohesiveness and efficiency. To improve identity management in the federal sector, the administration wants to ‘implement the Federal identity management roadmap,’ according to a presentation released by federal CIO Vivek Kundra.
One of the major complaints about FISMA and previous federal cyber security efforts, is the reliance on compliance instead of focusing on real-time security. The new budget calls for outcome-based security metrics and using Cyberscope and DNSSEC programs to increase cyber security.
Finally, the budget seeks to improve information sharing by utilizing the National Information Exchange Model to share information regarding cyber incidents.
Included in the recent budget announcement is also $364 million the National Cybersecurity Division of DHS and the CNCI, which was developed by the Bush administration and was predominately classified. The new budget requests $3.6 billion for CNCI funding for the 2011 fiscal year.
The Obama administration intends to release an unclassified summary of the CNCI shortly in an effort to increase government transparency.