Advisory panel recommends more federal R&D spending

The Presidential IT Advisory Committee (PITAC) has recommended the federal government sharply increase its spending on cybersecurity R&D and shift the focus to fundamental, long-term solutions to security challenges.“The IT infrastructure is highly vulnerable to premeditated attacks with potentially catastrophic effects,” PITAC warned in a letter submitting the report, titled , to the president. “These vulnerabilities put the nation’s entire critical infrastructure at risk.”Current practices of patching vulnerabilities as they are found address immediate needs, but the committee concluded that “fundamentally different architectures and technologies are needed so that the IT infrastructure as a whole can become secure.”The government has a vital role to play in supplying the intellectual capital to improve IT security, PITAC said, but in recent years its focus increasingly has been on short-term problems addressing the needs of the military and intelligence communities. The results too often are classified, and more effort is needed to transfer them into the mainstream market.The advisory committee examined funding for basic research by the National Science Foundation, the Defense Advanced Research Projects Agency, the Homeland Security Department, the National Security Agency, and the National Institute of Standards and Technology.NSF, with its $30 million Cyber Trust program, is the primary source of funds for civilian security research. PITAC recommended that the program be expanded by at least $90 million annually.The $5.47 billion NSF appropriation for fiscal 2005, approved by Congress in November 2004, is more than $60 million less than fiscal 2004 funding, and $227 million less than requested by the president.PITAC recommended that:The committee identified 10 critical areas for future research: