The Senate Appropriations Committee on Thursday approved an FY ’17 spending bill for the Department of Homeland Security (DHS) that includes $1 billion in cyber security funding for the National Protection and Programs Directorate (NPPD), about $53 million less than requested due to lags in the ability to hire personnel for cyber operations and budget constraints.
Still, the $1 billion recommendation is $186.2 million more than Congress enacted in FY ’16 and permits NPPD to begin to accelerate a federal network monitoring program as well as expand its scope.
The committee approved $281.5 million for federal network security, including $246.6 million for the Continuous Diagnostics and Monitoring (CDM) program that helps civilian agencies to monitor their networks for threats and vulnerabilities. The amount for CDM supports full implementation of phases one through three of the program and includes $81.8 million toward the new phase four.
The amount recommended for phase four is $28.2 million less than requested “due to scalability and fiscal restraints,” the committee says in its report accompanying the bill.
The recommended funding “will allow for the acceleration and availability of CDM and expand the capabilities across most of the entire civilian Federal domain, evolving beyond network protections to include data protections,” says the report. It says the data protections will be significant and expects the new capabilities “to include digital rights management, micro-segmentation, data masking, encryption and decryption, and mobile device management [that] will be accelerated and incorporated into future phases of CDM development.”
The first phase of CDM is focused on endpoint integrity to include management of hardware and software assets, configuration and vulnerability management. The second phase is focused on least privilege and infrastructure integrity, and phase three will cover boundary protection and event management for managing the security lifecycle.
The committee provides $480.5 million for the National Cybersecurity Protection, better known as EINSTEIN, $5.6 million below the request due to hiring delays. The funding will allow NPPD to continue deploying EINSTEIN’s new intrusion prevention capabilities, as well as information sharing and analytics capabilities across the federal civilian government, the report says.
“As of February 2016, approximately 33 Federal agencies, representing half of the dot-gov user population receive Einstein 3 services, and 96 percent receive basic Einstein support,” the report says.
The EINSTEIN 3 portion of the program provides threat protection capabilities and is now called EINSTEIN 3A. It uses classified information to detect and block threats. The first two phases of EINSTEIN focused on observing suspicious behavior on traffic entering federal networks and detecting potential cyber threats.
Congress appropriated $475.8 million in FY ’16 for EINSTEIN and $136.1 million for the federal network security account.
The committee’s recommendation also includes $117 million for the U.S. Computer Emergency Readiness Team, US-CERT, which is $11.8 million below the request due to hiring lags. US-CERT helps government agencies and the private sector protect their networks against emerging cyber threats, vulnerabilities, and respond to incidents. The recommended amount represents a $22.6 million increase over FY ’16 levels.
Cyber security is called the second priority in the committee’s bill behind aviation security. The report says that overall $1.5 billion is provided across DHS for cyber security efforts, $182.1 million more than provided in FY ’16.
The cyber security funding is part of an overall $41.2 billion discretionary funding bill the committee approved for DHS in FY ’17. That amount is $578 million more than requested. House appropriators haven’t marked up their version of the bill yet.