Deltek Projects Growth in Federal Cybersecurity to be Sustained by IT Modernization

Constant and elusive threats, high-profile data breaches, rapidly increasing interconnectivity, and the dependence on technology and data make securing federal information systems one of the highest federal priorities, as demonstrated by policy directives from the White House and other agencies. To address their information security gaps, agencies continue to look to industry partners for the knowledge, skill sets, services, processes, and tools necessary to mount both defensive and offensive cybersecurity capabilities with increasing effectiveness.

Deltek’s report Federal Information Security Market, FY 2017-2022 examines the trends and drivers shaping the federal information security marketplace and provides a forecast for the next five years. Taking a comprehensive perspective on the federal cybersecurity market, we see six major drivers that continue to create demand for government-wide and agency budget investments:

• Threat Environment – The complex and diverse threats to networks, devices, data and infrastructure.
• Leadership/Workforce – Efforts to establish the leadership and skilled workforce to meet the challenge.
• Technology Policy – Security compliance, standards, and management policies addressing government-wide priorities.
• Acquisition Policy – Information security is a growing requirement within acquisition policy.
• Organizational Strategies – The strategies, organizations, programs, and legislative provisions to increase cybersecurity.
• Technology Solutions – Technical remedies to improve security and emerging technologies that require security for greater adoption.

Given these drivers, Deltek forecasts the demand for vendor-furnished information security products and services by the U.S. federal government will increase from $10.0 billion in FY 2017 to $12.9 billion in 2022 at a compound annual growth rate (CAGR) of 5.2%. (See chart below.)

Key Findings

• Federal IT modernization efforts are increasingly driven by the desire to improve cybersecurity across federal IT.  This will drive funding, technical approaches (e.g. shared services) as well as efficiencies in acquisition strategies (e.g. EIS.)
• Due to recent commercial and federal breaches, expect Congressional oversight for cybersecurity issues to remain strong.  Cybersecurity investments by agencies will likely be applauded and under less budget pressure compared to other planned agency investments, although discretionary budget uncertainty remains.
• The administration and agencies are working to carryout initiatives to strengthen the federal cybersecurity workforce.  However, this talent pool is in high-demand making it difficult for the government to fill all open positions. 
• Proposed organizational changes at DHS and elsewhere could centralize pockets of opportunity for cyber- tools and support services and expand demand. However, increased centralization could also increase competitive pressures.
• DoD component Cyber Mission Force teams will finish building out their personnel rosters early in the forecast period, further solidifying their operational capacities and aiding in integration of defense cyber capabilities.
• The Continuing Diagnostics and Mitigation program will continue to evolve, both technically and acquisition-wise. The acquisition shift from BPA to more open vehicles unlocks the door to competition.

Federal leaders are focused on enhancing agency cybersecurity posture at every possible level, attempting to overcome capability gaps, budget constraints, organizational challenges, and regulatory hurdles. The threats – both external and internal – to data and systems continue to grow in frequency, sophistication, and scope, driving the demand for effective approaches to detect, defend, mitigate, and respond. The challenge is magnified by the complexity of the federal IT environment where agencies are seeking to deploy the latest mobile, data-driven, and cloud-based technologies alongside legacy systems and environments.

Within this complex and challenging environment the White House, the Office of Management and Budget (OMB), the Department of Homeland Security (DHS), the Department of Defense (DoD), and others are reevaluating federal cybersecurity policies and posture and have indicated a course that includes risk management, shared cybersecurity services, and large-scale IT modernization across the government.

These broad priorities will both sustain investment and disrupt some traditional areas of information security, driving competition and providing significant contracting opportunities over the next several years.

Get more of our perspective in the full report Federal Information Security Market, FY 2017-2022.