The president’s budget proposal asks for more than $9.6 billion for Defense Department cyber operations and just over $1 billion for civilian cybersecurity efforts.
The administration released an outline of the president’s 2020 budget request Monday, with all the expected nods to cybersecurity but short on details or new initiatives.
Agencies are expected to release more detailed breakdowns next week but the early look gives a topline summary of the administration's budget priorities.
Most of the references to cybersecurity center on modernizing agencies’ IT infrastructure and the associated security benefits. The document also notes the administration has released a number of new and updated policies around cybersecurity, including guidance on redefining and better protecting high-value digital assets and improving credential, identity and access management.
The biggest cyber-centric budget requests were for the Defense and Homeland Security departments.
“For cyber, the budget continues to integrate efforts and operationalize U.S. cyber strategy, while scaling artificial intelligence throughout the [Defense] Department,” the document states. “The budget funds these advanced capabilities,” including other military priorities, such as the Space Force, “for the force needed to achieve the objectives in the National Defense Strategy.”
Specifically, the budget request asks for $9.6 billion to defend defense networks and the nation from cyberattacks and conduct offensive operations through U.S. Cyber Command. That number is more than $1 billion above the administration’s 2019 request to Congress.
“This investment provides the resources necessary to grow the capacity of U.S. military cyber forces—including the recently elevated United States Cyber Command—invest in the cyber workforce and continue to maintain the highest cybersecurity standards at DOD,” the budget states.
The point agency for cyber issues on the civilian side, Homeland Security, would receive $1 billion to protect federal networks, as well as the nation’s critical infrastructure.
“These resources would increase the number of DHS-led network risk assessments from 473 to 684—including assessments of state and local electoral systems—as well as for additional tools and services, such as the EINSTEIN and the Continuous Diagnostics and Mitigation programs, to reduce the cybersecurity risk to federal information technology networks,” according to the budget request.
The request also looks to fill the cybersecurity skills gap in government by supporting Homeland Security’s Cyber Talent Management System, which allows the agency to circumvent certain hiring restrictions and pay ceilings when onboarding people with cybersecurity skills. Using this authority, Homeland Security plans to hire at least 150 cybersecurity employees in 2020.
And the Rest
The Energy Department budget includes a request for $156 million for the new Office of Cybersecurity, Energy Security and Emergency Response to “support early-stage R&D activities that improve cybersecurity and resilience to enable the private sector to harden and evolve critical infrastructure.”
The Justice Department’s budget section mentions the agency’s investigative and prosecutorial role in cybersecurity, but only in passing, in the context of national security:
The Federal Bureau of Investigation has responsibility for protecting U.S. citizens from harm both at home and abroad. In support of this vital work, the budget provides $9.3 billion in salaries and expenses for the FBI. These resources would maintain and expand efforts across a wide array of important mission areas, including cybersecurity, transnational organized crime, and background checks for firearms purchases.
Similar to Justice, the Treasury Department section includes cybercrime investigations as part of its mission, including requesting $125 million for the department’s Financial Crimes Enforcement Network, or FinCEN, which handles cryptocurrency and combats digital crime. The budget also asks for $13 million for the Office of Critical Infrastructure Protection and Compliance Policy “to enhance the department’s capacity to identify and remediate new vulnerabilities before they can be exploited.”
And the Transportation Department budget request mentions cybersecurity as part of its IT modernization efforts, for which $502 million is proposed to be set aside in a working capital fund.
Editor's Note: This story has been updated to clarify the status of the full budget proposal.