recommended reading

Pentagon seeks $3.2 billion for revised cyber budget

Protecting military networks in fiscal 2012 would cost nearly $1 billion more than the Pentagon publicly reported last month, an increase that reflects the growing number of programs being re-categorized as cybersecurity-related, agency officials said.

When the Obama administration released its 2012 budget in mid-February, the Pentagon announced it was requesting $2.3 billion to bolster network security within the Defense Department and to strengthen ties with its counterparts at the Homeland Security Department, which is responsible for overseeing civilian cybersecurity.

But on Wednesday, Pentagon officials told Nextgov that the total request for boosting cybersecurity is $3.2 billion, including information assurance activities, program elements dispersed across the Defense services and agencies, and non-information assurance initiatives that are critical to the department's cyber stance. Based on the new figures, the military is proposing to spend more than three times the $936 million that DHS is requesting for cyber operations.

"The previous number $2.3 billion reflects a partial picture of the DoD [information assurance] budget request," Defense spokeswoman April Cunningham said.

"The department recognizes that there are other activities not traditionally captured as part of its information assurance budget that are integral to its overall cybersecurity posture," she explained. "The department is in the process of assessing whether the IA justification book should be expanded to include these additional cybersecurity items in future submissions."

According to the Pentagon's budget justification, the $2.3 billion first reported would go toward departmentwide information assurance programs, such as public key infrastructure, or digital certificates. Other projects funded through this pool of money would include the Comprehensive National Cybersecurity Initiative, a White House-level effort; defense industrial base cybersecurity, for private sector assets that support the military; and the Defensewide information systems security program.

In addition to the $2.3 billion reported last month, Defense is requesting more than $500 million in funding for about 75 activities that involve communications security at specific agencies and services. "Because the funding related to information assurance for these programs is only a portion of the programs' funding request, the funding is not readily identifiable in the DoD budget exhibits," Cunningham said.

Rounding out the $3.2 billion total is $444 million that would cover cybersecurity elements outside traditional information assurance accounts, such as cyber operations, security innovations and forensics. Specifically, those initiatives include the Defense Cyber Crime Center, the relatively new U.S. Cyber Command, and science and technology investments targeted at cyber tools.

Cunningham noted that all such details are provided to Congress in a classified budget book.

The Pentagon's $3.2 billion cyber request represents a roughly 2 percent increase over fiscal 2011 spending levels, according to the department. Meanwhile, if DHS gets the $936 million it has requested for network security, that would equate to a 12 percent increase over funding enacted the last time Congress passed full-year appropriations in 2010.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.