Thanks to Jeff Grove of ACM for pointing out this story (subscription req’d), by William New, in National Journal’s Tech Daily (sub req’d) covering remarks by Department of Homeland Security Chief Security Officer Jack Johnson, DHS Chief Information Officer Steve Cooper, and FAA Deputy Director Thomas O’Keefe suggesting the great need for information security professionals in government and increased cyber security research and development. Some choice quotes:
“There is an incredibly shrinking pool of IT security professionals in government,” said Jack Johnson, chief security officer at the Homeland Security Department. “The bench is not just thin; the bench is non-existent,” he added in a sports reference to backup players. “We need to train the next generation” of IT professionals.
Johnson said Homeland Security does not have the IT workforce to build the systems it needs and is “absolutely dependent” on help from the research and academic communities. The department contracts a lot of work outside government, he said, but there are a limited number of cleared contractors and high turnover of personnel.
Thomas O’Keefe, deputy director of the Federal Aviation Administration (FAA) office of information systems security, said more research and development, and more collaboration among researchers and industry, is needed on cyber security.
“The sharing amongst bad guys is growing,” he said at a SecureE-Biz.net conference. “The sharing amongst the good guys on procurement, technology and approach needs to grow at an equal or greater rate. My observation is we’re just not as good at it.”
O’Keefe said firms are reluctant to mention their vulnerabilities because it may “unnecessarily put concern in people’s minds.” His office is working with the National Science Foundation to boost cyber-security research, as it is “still very small,” he said. He and others on the panel predicted continually growing cyber attacks. “You’ve got to expect cyber storms,” he said.
The president last year signed a law authorizing a significant increase in cyber-security R&D funding, but it was not requested in the fiscal 2005 White House budget proposal.
The profile of federally funded R&D at universities and colleges that emerges from this analysis raises issues of proportionality. Specifically, in the current funding profile, approximately two-thirds of the federal funds going to universities and colleges for the conduct of R&D is focused on only one field of science life science and federal R&D funding is concentrated at only a few research universities. These findings raise questions about whether other critical national needs that have substantial R&D components (such as environment, energy, homeland security, and education) are receiving the investment they require and whether the concentration of dollars at a few institutions is shortchanging science students at institutions that receive little or no federal R&D funding.
This finding is from a recently released report (pdf) by the Science and Technology Policy Institute for the National Science Foundation.
Richard Jones of the American Institute of Physics has a good summation of the report and the questions it raises about the federal R&D portfolio here.