President Biden has kicked off his presidency by proposing an investment of $10 billion to secure and upgrade federal agencies’ IT assets in response to the SolarWinds saga.Â
U.S. President Joe Biden plans to kick off his presidency by soliciting a congressional approval for an outlay of around $10 billionOpens a new window that will be used to upgrade federal information technology infrastructure and to further secure digital assets used by agencies to prevent a repeat of the SolarWinds saga that compromised the security of multiple government departments a few weeks ago.
The $10 billion spending plan, which includes a $9 billion cash infusion into the Technology Modernization Fund, was spelled out by the Biden administration almost a week before he was sworn into office. The funding indicates the upgradation of U.S. technology assets amid wide-ranging cyber threats is among the new administration’s top priorities.
The funding will form part of President Biden’s $1.9 trillion American Rescue PlanOpens a new window . It will focus strongly on ensuring that government agencies stop using legacy systems and poorly-secured IT assets to prevent sensitive data, including data associated with COVID-19 vaccine development efforts, from falling into the hands of nation-state actors.
See More: What Tech Leaders Can Learn From the SolarWinds Trojan Horse AttackÂ
Central to President Biden’s fresh proposals is the shoring up of the centralized Technology Modernization Fund with billions of dollars in added investments. The fund is accessed by government agencies from time to time to modernize their IT assets but the process is often hamstrung due to poor allocations and the need to repay the money over three to five years.Â
However, according to the Biden-Harris transition team, the new administration will call on Congress “to change the fund’s reimbursement structure in order to fund more innovative and impactful projects.†The fresh $9 billion investment will also “help the U.S. launch major new IT and cybersecurity shared services at the Cyber Security and Information Security Agency (CISA) and the General Services Administration and complete modernization projects at federal agencies.â€
Welcome, @POTUSOpens a new window ! â°â°Our team is ready to work alongside the new administration to help the nation defend against today’s threats and to build a more secure & resilient infrastructure for the future. #DefendTodaySecureTommorrowOpens a new window #InaugurationOpens a new window
— Cybersecurity and Infrastructure Security Agency (@CISAgov) January 20, 2021Opens a new window
In addition to the $9 billion, the new administration has also proposed spending $200 million as part of the Information Technology Oversight and Reform fund to enable the hiring of cybersecurity experts to support the federal Chief Information Security Officer U.S. Digital Service.Â
It has also proposed to invest $300 million in no-year funding for Technology Transformation Services to drive secure IT projects forward without the need of reimbursement from agencies, and to allocate an additional $690 million which will be used by CISA to bolster cybersecurity across federal civilian networks, and support the piloting of new shared security and cloud computing services.
See More: Cyberattacks on Critical Infrastructure to Worsen in 2021: Here’s How to Protect Your Data
The additional funding for CISA could be termed a wise move considering how the agency can play an active role in assessing U.S. critical infrastructure organizations’ cyber-preparedness and work with federal partners and concerned organizations to develop response plans.
According to Bob Kolasky, CISA Assistant Director for the National Risk Management Center, an insecure software supply chain and increasing reliance on open source libraries can expose organizations to a “digital pandemicOpens a new window †of sorts – where the ubiquity of coding flaws across connected systems creates an opportunity for cascading or correlated impact to National Critical Functions.
He added that CISA’s Information and Communications Technology (ICT) Supply Chain Risk Management Task Force can identify supply chain threats, develop guidance and tools to help ICT companies reduce risk from software supply chains, and work with federal partners in the software assurance and software bill of materials (SBOM) space to reduce the exposure to various threats emanating in the cyberspace.
“Information sharing alone will never be a silver bullet. Reducing shared cyber risk necessitates an evolved approach. It requires using the existing efforts around vulnerability management, threat detection, and network defense as a springboard for connecting the relationship between threat, vulnerability, and consequence with actionable metrics that drive decision making,†Kolasky added.
Do you think the funding proposed by President Biden is enough to meet the needs of federal agencies? Comment below or let us know on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We’d love to hear from you!