Cybersecurity Implications of OMB’s FY 2025 R&D Priorities

The Office of Management and Budget (OMB) recently issued a memorandum to federal Executive Branch departments and agencies outlining the Biden Administration’s research and development (R&D) priorities, which agencies should support in formulating fiscal year (FY) 2025 budget submissions. Typically, federal departments and agencies begin their future budget formations 18 months prior to the onset of that given fiscal year, so for FY 2025 agencies will have been working on these budgets since spring of calendar 2023.

Back in June, OMB published a similar memo outlining their FY 2025 cybersecurity priorities for federal agency budgets. The latest R&D priorities memo focuses on a wide range of White House multi-agency R&D priorities – from climate science to robotics – aimed at sustaining U.S. leadership in science and technology (S&T).

Several of OMB’s R&D priorities have direct and indirect impacts and implications for cybersecurity capabilities, the cybersecurity of emerging technologies and the security of S&T research and development activities.

• Advance trustworthy artificial intelligence (AI) technology: Agency budgets should fund R&D activities to support tools, methods, and regulatory regimes for mitigating AI threats, improve government functions and develop trustworthy advanced AI systems.
• Global Security and Stability: Agencies should support R&D that will create the next generation of national security technologies. Cybersecurity-related priorities include mitigating cybersecurity risks through resilient architectures; building in security by design; strengthening security and resilience for critical infrastructure, and integrating social, behavioral, and economics research. Agency R&D efforts should also address the national security impacts of autonomous systems and artificial intelligence. (Other priority emerging technology R&D areas listed include microelectronics, biotechnology, quantum information science, advanced materials, high performance computing, nuclear energy; advanced manufacturing, digital engineering and robotics.)
• Basic and Applied Research: Agency budgets should support and enhance the basic and applied research systems and organizations to sustain their effectiveness, including by supporting the industrial and academic sectors in identifying and addressing research security challenges, and incentivizing open, reproducible, and secure research practices.

This R&D budget directive underscores the ubiquitous nature and critical importance of effective cybersecurity within the ever-expanding digital nature of agency operations. This is why we continue to see growing agency cybersecurity budgets each year, with civilian agency FY 2024 cyber- budgets growing more than $1.5B from FY 2023 and Department of Defense (DoD) cyber-budgets growing nearly $1.8B from FY 2023 to FY 2024.

Federal agencies are pursuing greater capacities to secure their digital infrastructure and information as well as infuse secure practices into their processes and the products they procure from industry. These agencies will continue to look to innovators within industry and elsewhere to supply the products, services and expertise to achieve their cyber and S&T goals.