Enabling Zero Trust: Federal Spending on Select Cloud-Based Cybersecurity Capabilities

Two years ago to this month, the White House published Executive Order 14028 Improving the Nation’s Cybersecurity. This E.O. directed federal agencies to transition to a new zero trust architecture in order to bolster the security of their networks and systems. Ever since that date, in addition to putting into place the architecture needed to enable zero trust, agencies have been adding relevant software capabilities to their portfolios. This is particularly the case with cloud-based, Software-as-a-Service (SaaS) capabilities, which the E.O. called out as priority investments.

Enabling zero trust requires a number of steps. Among those steps is ensuring that the agency has put into place endpoint protection/management, continuous monitoring, and identity/access management (IdAM) applications. Today’s post documents the extent to which agencies have been investing in these capabilities to comply with the requirements of the executive order.

Total Spending on Zero Trust-Related Capabilities

The chart below shows spending over the last three full fiscal years on the three types of SaaS capabilities that form the basis for zero trust.

As we can see from the data, agencies spent on all three types of these capabilities even before the May 2021 E.O. That spending increased in FY 2021, however, and continued to rise for continuous monitoring and endpoint protection in FY 2022. Spending on IdAM dropped some, but remained substantially higher than in FY 2020.

Spending by Solution – Identity and Access Management

In total, agencies have spent the most on Identity/Access Management ($380M). This spending is distributed as follows across the top ten solutions. This list includes only those solutions on which agencies have spent at least $1.0M. One observation of note is that in FY 2022 agencies significantly diversified the number of IdAM solutions they purchased. The number totaled 13 in FY 2021. In FY 2022, it rose to 36.

Spending by Solution – Continuous Monitoring

Total agency spending on cloud-based continuous monitoring hit $60.4M over the three years from FY 2020-2022. Federal Market Analysis has not been able to identify the specific solution on which agencies spent the most, but we can report that total spending on cloud-based continuous monitoring in FY 2020 was $15.3M. By FY 2022, it had risen to $27.4M.

Spending by Solution – Endpoint Management/Protection

Agency spending on cloud-based endpoint management/protection totaled $43.2M from FY 2020-2022. Growth in agency spending on this capability has been very strong, with total spending in FY 2020 being $6.1M. By FY 2022, that total had risen to $33M. The capabilities shown below make up the bulk of what agencies have purchased over the last three years.

Parting Thought

Agencies will continue to spend on these and other capabilities in an effort to implement the new zero trust model for federal cybersecurity. This should therefore remain a robust part of the cloud market in the years to come.