Civilian Cybersecurity Budgets Sustain Double-Digit Growth in FY 2024
Published: March 30, 2023
Federal Market AnalysisBudgetCybersecurityInformation Technology
Federal Civilian departments plan to spend almost $13B for cybersecurity in the coming fiscal year.
Bolstering the cybersecurity posture of federal agencies is a continued theme throughout the recently released FY 2024 President’s Budget Request, as the Biden Administration presents its discretionary and IT budget priorities for the coming fiscal year (FY).
Civilian Department Cybersecurity
The budget request released by the Office of Management and Budget (OMB) in mid-March includes more than $12.7B for Civilian agency cybersecurity-related activities. The budget comes within a week of the White House releasing their National Cybersecurity Strategy to address complex cyber threats and to secure U.S. digital technologies.
The proposed $12.7B for Civilian agency cybersecurity would be an increase of more than $1.5B from the FY 2023 estimated level of $11.2B and would represent 14% growth from the current FY. This planned double-digit growth for FY 2024 would mark the second year in a row that total Civilian agency cybersecurity budgets grow at greater than 10% in aggregate. If agency estimates for the current FY are on target, Civilian cyber budget growth in FY 2023 is 12% over FY 2022. And if agencies receive from Congress what they are requesting for FY 2024 it would represent 27% more than they spent in FY 2022. (See chart below.)
The FY 2024 budget invests in cybersecurity to continue to attain goals set in the May 2021 Executive Order 14028, “Improving the Nation’s Cybersecurity.” Its focus is on enhancing protections through modernized defenses, improving information sharing between agencies and the private sector and strengthening agencies’ abilities to rapidly respond to incidents.
OMB is seeking to advance existing efforts to enhance agency protections and reduce risk through:
- Adopting zero trust principles and architectures, along with supporting technologies that are built and deployed with security foremost in mind.
- Addressing potential security gaps in the software supply chain by shifting agencies to exclusively utilizing software developed using secure development practices.
- Improving agency capabilities to detect and respond to new threats and tactics from adversaries.
- Implementing higher levels of encryption to protect sensitive data and systems, while working to migrate to post-quantum cryptography to protect against the future threat that quantum computers may pose.
Top FY 2024 cybersecurity funding priorities include: ?
- $145M increase for the Cybersecurity and Infrastructure Security Agency (CISA) to reach $3.15B
- $425M for CISA’s new Cyber Analytics and Data System to improve cyber detection and response. ?
Top Ten Civilian Departments
The ten Civilian departments with the largest cybersecurity budgets for FY 2024 represent more than $10.3B in funding and account for 81% of the total Civilian cyber budget. Further, these top ten departments account for $1.2B of the $1.5B in total growth from FY 2023 to FY 2024.
At more than $3B, the Department of Homeland Security (DHS), with its enterprise cybersecurity mission, well exceeds the combined cyber budgets of the next two largest departments, Justice and Treasury at $1.3B and $1.0B, respectively. (See chart below.)
When taken together these top ten departments above have a combined average growth rate of 14% from FY 2023 (and +28% from FY 2022 to FY 2024), although the individual growth rates vary among departments. Other observations include:
- State, Veterans Administration and Treasury reflect the largest proportional budget gains from FY 2023 at 42%, 30%, and 17%, respectively.
- Health and Human Services and DHS also show large yearly increases of 14% and 9%, respectively.
- Commerce is the only large department slated for a cyber- budget decline for FY 2024, with a reduction of 11% compared to FY 2023. It is worth noting that DOC is estimating that they are spending $41M (+9%) more in FY 2023 than they had initially requested in the FY 2023 budget.
Waiting for Department of Defense Budget Details
Although details are currently scarce, the Department of Defense (DoD) is requesting $13.5B for FY 2024 for cyber activities across the department and military services. DoD’s full FY 2024 IT and Cyberspace Activities budget was not publicly available at the time of publishing of this article. However, DoD has said that their cybersecurity priorities continue to focus on deploying zero trust, increasing cyber defenses across all domains, and supporting greater cybersecurity of the defense industrial base and supply chain. Stay tuned for more as details emerge.
_____
For more analysis on the FY 2024 Federal Budget check out our report, FY 2024 Federal Budget Request: Priorities and Opportunities.