recommended reading

Cyber protections might accidentally tumble down fiscal cliff


The good news: Government cybersecurity spending could jump by more than 9 percent in fiscal 2013. The bad news: If Congress falls over the fiscal cliff, then across-the-board cuts to federal information technology programs could inadvertently chop off protective components of systems.

President Obama’s budget proposals for military and civilian agency data defenses, combined with warnings about cyberwarfare, ordinarily would increase cyber funding by 9.1 percent annually, with spending reaching $13.3 billion in fiscal 2015, according to market research firm Deltek.

A continuing resolution that funds the government through March 27, 2013, already has banked away $328 million for Homeland Security Department network security deployments, plus $218 million for “continuous monitoring” of federal systems and intrusion detection programs. The military is devoting more than $3 billion annually to cybersecurity, Defense Secretary Leon Panetta said on Oct. 11. And Obama has requested a jaw-dropping 74 percent increase to the Homeland Security cyber budget for fiscal 2013, DHS Secretary Janet Napolitano said Sept. 28.

Despite all this, if Congress fails to broker a deficit reduction deal, then sequestration will near-evenly hack off $109 billion from Pentagon and nondefense accounts at the start of January 2013 -- including cyber elements.

“Generally speaking cyber will be subject to the same kind of cuts that everything else will,” said Trey Hodgkins, senior vice president for global public sector government affairs for trade association TechAmerica. “At best you would see a downturn and then a leveling off” in computer security spending. TechAmerica analysts decided to stop delineating annual dollar figures for cyber programs because, they argued, network protections increasingly are inseparable from IT expenditures. In other words, if an IT program is cut, then the cyber components will be zeroed out too.

Deltek analysts who calculated the spike in spending absent sequestration are more optimistic about cybersecurity clearing the cliff.  “The executive branch will salami-slice virtually every non-exempt account in about the same way. But they have not revealed how the pain will be allocated among the programs within any one account. I think that cyber programs will fare well in that allocation and many of them will grow,” said Ray Bjorklund, chief knowledge officer for Deltek.

Hodgkins agreed that agencies can shelter programs clearly identified as cybersecurity-related, by cutting less important activities inside the same account, but he added most cyber dollars are no longer demarcated that way. “There’s been a very conscious effort to proactively build that security in -- whether it’s a device, or a system or the cloud -- on the front end, not something that’s added on, on the backend,” he said. TechAmerica “did not try to make a forecast for cyber spending this year because the dollars have become so embedded in the programs.”

In October 2011, TechAmerica Foundation expected the accelerating severity of breaches to bolster Defensewide cyber spending -- totaling more than $13 billion annually by fiscal 2016 if the country suffers a cyberattack resembling what Panetta often refers to as the next Pearl Harbor.

Hord Tipton, a former Interior Department chief information officer, said he would be surprised to see much, if any, increase in cyber spending during the next few years. “It is likely that security budgets will remain level or demonstrate a slight increase, with a focus on the more critical areas such as agencies associated with critical infrastructure protection,” or defenses for industrial computers essential to American life, like transportation systems, he said.

Tipton experienced a period of frozen federal assets while serving as a Bureau of Land Management assistant director during a government shutdown that lasted from Dec. 16, 1995, to Jan. 6, 1996.

Under the cliff, “Defense cyber spending will be slightly higher, and civilian spending could actually drop,” said Tipton, currently executive director of (ISC)2, an association that issues cybersecurity specialist credentials. Agencies may be hard-pressed to find additional money for continuous monitoring hardware -- the sensors and other tools that enable real-time tracking of security risks, he said. They also may struggle to find “adequately trained and certified security personnel that come with a high-price tag,” he added.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.