The president’s FY 2017 budget, released today, includes cybersecurity as a national priority. The budget would invest $19 billion in overall federal resources for cybersecurity that are intended to support a broad-based cybersecurity strategy for securing the government, enhancing the security of critical infrastructure and important technologies, investing in next-generation tools and workforce, and empowering Americans. In particular, this funding would support a newly announced Cybersecurity National Action Plan (CNAP), which is intended to take near-term actions and put in place a long-term strategy to enhance cybersecurity awareness and protections; protect privacy; maintain public safety, as well as economic and national security; and empower Americans to take better control of their digital security. The awareness campaign will focus, for example, on moving beyond just passwords and adding an extra layer of “multi-factor authentication” security measures (i.e., combining a strong password with additional factors, such as a fingerprint or a single-use code delivered in a text message, Americans can make their accounts even more secure).
Highlights of the CNAP include the establishment of a Commission on Enhancing National Cybersecurity and a Federal Privacy Council, and the creation of a new $3.1 billion revolving fund, the Information Technology Modernization Fund, to retire the government’s antiquated IT systems and transition to more secure and efficient modern IT systems. The Commission will make recommendations on actions that can be taken over the next decade to strengthen cybersecurity in both the public and private sectors while protecting privacy; maintaining public safety and economic and national security; fostering discovery and development of new technical solutions; and bolstering partnerships between federal, state and local government and the private sector in the development, promotion and use of cybersecurity technologies, policies, and best practices.