Feds seek 10% hike in IT security spending, as intelligence chief warns of cyberthreats

Computerworld - In the same week that Director of National Intelligence Michael McConnell warned Congress that terrorists are showing an increasing desire to use cyberattacks against the U.S., the Bush administration sent a proposed budget to federal lawmakers that calls for the government to spend one out of every 10 IT dollars on information security.

In total, the White House said this week that it will seek authorization for more than $71 billion in IT spending during fiscal 2009, which begins Oct. 1. That request represents a 3.8% increase, or $2.6 billion, over what Congress approved last year.

The budget proposal earmarks $7.3 billion for information security, a 9.8% increase over what was budgeted for the current fiscal year. If approved as is, security spending would account for 10.3% of the entire federal IT budget.

Bush's proposal also would continue a trend in which security spending has been increasing at a rate that's greater than the growth of the overall IT budget. The White House, in its budget analysis (download PDF), said that if Congress accepts the fiscal 2009 figures as proposed, IT security spending will have increased 73% over the past five years, up from a starting point of $4.2 billion in fiscal 2004. By comparison, the overall IT budget will have risen 20% during the same period.

Karen Evans, administrator of e-government and IT at the White House Office of Management and Budget, said at a press briefing on the budget today that the proposed spending levels aren't being allocated toward any particular aspect of security within federal agencies.

"The focus isn't investment-specific — it's making sure they are managing the risk associated with the services that they have," said Evans, who is the federal government's de facto CIO.

She added that as more and more government services become available online, "the agencies are very well aware of what the risks are."

McConnell testified before a Senate panel yesterday and a House committee today on his annual threat assessment report to Congress (download PDF). As part of the report, he issued a broad warning about the cyberthreats faced by both the government and the private sector, saying that potential vulnerabilities are only increasing because of globalization and the growth of computer networks.

McConnell cautioned in the report that Russia, China and other countries "have the technical capabilities to target and disrupt elements of the U.S. information infrastructure." And he said that terrorist groups such as al-Qaeda, Hamas and Hezbollah "have expressed the desire to use cyber means to target the United States."

Read more about it in government in Computerworld's IT in Government Knowledge Center.