On Tuesday, President Obama published an op-ed in the Wall Street Journal detailing his administration’s plans for addressing Federal cybersecurity issues. The plans included a 35% ($19 billion) increase in the cybersecurity budget, $3 billion of which would go to modernizing the computer systems of Federal agencies.
“Cyber threats are among the most urgent dangers to America’s economic and national security,” Obama wrote. His plan also includes the creation of a Chief Information Security Officer position and a bipartisan Commission on Enhancing National Security.
“It’s about time that recognition to this national economic and security issue was paid by the leader of the free world,” said Tom Kellermann, former member of the president’s Commission on Cyber Security and Chief Cybersecurity Officer for Trend Micro. Despite this praise, Kellerman worries that the plan is “completely insufficient” to address the cybersecurity needs of the nation.
“We are still spending less than 10% of our IT budget on cybersecurity,” he said of the proposed 35% budget increase.
Kellermann also worried that the proposed commission will do little to promote real change. He noted that only about 35% of the policies developed by the Commission on Cyber Security have been enacted.
Even with Obama’s proposed changes, Kellermann claimed that more action needs to be taken on an international scale: “It’s time for the gloves to come off when dealing with countries that enact cyber terror.” He added that cybersecurity’s current state will leave the U.S. military’s hands tied behind their back when dealing with foreign threats.
Kellermann listed a number of areas in which the Federal government needs to improve cybersecurity beyond the proposed plan: increased pay and scholarships for cybersecurity employees, which would attract talent; dealing with the dark Web and enacting the forfeiture of electronic assets for those who commit cyberattacks; dealing with the security threat posed by other nations; and providing an overall greater investment of funds.
“A 50% increase is the basement-level investment,” he said.
Though he commended the president for addressing cybersecurity, Kellermann said, “It’s too little too late. All administrations have been too little too late.” He acknowledged that both the proposal and the op-ed were a step in the right direction, but that step is nowhere near far enough.
“We are woefully unprepared to deal with future cybersecurity threats,” he concluded.