Bush budget extends life of critical infrastructure office
The budget proposal issued last week by President Bush revives a coordinating office for federal initiatives on the protection of the nation's critical infrastructure, but the structure of the office has not been determined.
Under the Bush budget, the Critical Infrastructure Assurance Office (CIAO), launched by President Clinton and slated to end this year, would receive $5 million. That is the same amount the office got in 2001. It received $6 million in 2000.
"The administration has decided to provide funding for the CIAO for the next fiscal year," said CIAO director John Tritak. But while CIAO has a clear mission, he said, an overall administration review of critical infrastructure and national security policies now underway likely will result in some modification of its mission. The review is not expected to be complete until late summer, sources said.
"The picture's not going to be complete for a couple of months," said Frank Cilluffo, deputy director of the Global Organized Crime Project at the Center for Strategic and International Studies. He noted that a lot of defense spending is on hold until Defense Secretary Donald Rumsfeld completes his review.
Cilluffo said he has recommended to the President that he create an assistant to the President to outline a vision, a plan and a budget for cybersecurity issues. The position would be under a federal chief information officer or separate from it, he said.
Tritak said there must be a "single point of contact" to coordinate between the federal government's "naturally occurring stovepipes."
This echoes a view expressed by National Security Adviser Condoleezza Rice in her first speech, given at the Partnership for Critical Infrastructure annual meeting last month. "We know that no single government agency can handle critical infrastructure assurance all by itself," Rice said then. "But it is also true that we can't have as many solutions as there are federal agencies."
Figures for cyber-security programs throughout government are not readily available in the Bush budget.
For instance, at the FBI, which operates the National Infrastructure Protection Center (NIPC), figures are not available for fiscal 2001 or fiscal 2002, according to spokeswoman Debbie Weierman. The NIPC handles computer-intrusion cases involving hacking, viruses and denial of service.
The center received $13.7 million in fiscal 1998, $16.06 million in fiscal 1999, and $19.77 million in fiscal 2000, she said. Weierman said the FBI had no comment on this year's proposed budget.
In its budget breakout, the General Services Administration did not specify funding for the Clinton administration's critical infrastructure protection program or developing the federal public key infrastructure (PKI). The PKI initiative requires development of an interoperable, government-wide key designed to provide basic security services through digital signatures and encryption, according to GSA.
GSA has requested $6.5 million for the Federal Computer Incident Response Center, the government's central facility for coordination and analysis for computer security issues affecting civilian and federal agencies.
The National Security Council Office of Transnational Threats under Senior Director Dick Clarke also would receive funding for critical infrastructure, but an administration official said the specific amount is not available. "That's a very difficult exercise," he said.