Protecting military networks in fiscal 2012 would cost nearly $1 billion more than the Pentagon publicly reported last month, an increase that reflects the growing number of programs being re-categorized as cybersecurity-related, agency officials said.
When the Obama administration released its 2012 budget in mid-February, the Pentagon announced it was requesting $2.3 billion to bolster network security within the Defense Department and to strengthen ties with its counterparts at the Homeland Security Department, which is responsible for overseeing civilian cybersecurity.
But on Wednesday, Pentagon officials told Nextgov that the total request for boosting cybersecurity is $3.2 billion, including information assurance activities, program elements dispersed across the Defense services and agencies, and non-information assurance initiatives that are critical to the department's cyber stance. Based on the new figures, the military is proposing to spend more than three times the $936 million that DHS is requesting for cyber operations.
"The previous number $2.3 billion reflects a partial picture of the DoD [information assurance] budget request," Defense spokeswoman April Cunningham said.
"The department recognizes that there are other activities not traditionally captured as part of its information assurance budget that are integral to its overall cybersecurity posture," she explained. "The department is in the process of assessing whether the IA justification book should be expanded to include these additional cybersecurity items in future submissions."
According to the Pentagon's budget justification, the $2.3 billion first reported would go toward departmentwide information assurance programs, such as public key infrastructure, or digital certificates. Other projects funded through this pool of money would include the Comprehensive National Cybersecurity Initiative, a White House-level effort; defense industrial base cybersecurity, for private sector assets that support the military; and the Defensewide information systems security program.
In addition to the $2.3 billion reported last month, Defense is requesting more than $500 million in funding for about 75 activities that involve communications security at specific agencies and services. "Because the funding related to information assurance for these programs is only a portion of the programs' funding request, the funding is not readily identifiable in the DoD budget exhibits," Cunningham said.
Rounding out the $3.2 billion total is $444 million that would cover cybersecurity elements outside traditional information assurance accounts, such as cyber operations, security innovations and forensics. Specifically, those initiatives include the Defense Cyber Crime Center, the relatively new U.S. Cyber Command, and science and technology investments targeted at cyber tools.
Cunningham noted that all such details are provided to Congress in a classified budget book.
The Pentagon's $3.2 billion cyber request represents a roughly 2 percent increase over fiscal 2011 spending levels, according to the department. Meanwhile, if DHS gets the $936 million it has requested for network security, that would equate to a 12 percent increase over funding enacted the last time Congress passed full-year appropriations in 2010.