informa
/
4 min read
article

Budget Bill Boosts Cybersecurity Spending

Congress's $1.1 trillion spending package increases cybersecurity funding, but seeks more transparency in IT spending.

Cybersecurity operations, particularly in defense and homeland security, will get a significant injection of new funding, while IT spending across the government will stay largely level under a 2014, $1.1 trillion omnibus appropriations bill approved on Tuesday by House and Senate negotiators and passed by the Senate Thursday. Appropriators also attached more strings to IT spending under the bill to make IT programs and projects more effective and transparent, according industry analysts.

President Obama's signature on the bill was expected in time to avert any interruption in government funding Saturday at midnight.

The compromise package finances all 12 regular discretionary appropriations bills, restoring stability to government funding at least through September, and ends a long series of continuing resolutions that has funded the government.

[Don't let a perfect storm of security problems go to waste. Read: 3 Reasons Security Pros Are In The Driver's Seat Now.]

While overall Department of Defense (DOD) spending under the bill remains virtually the same as the current operating level of $487 billion, the US Cyber Command, which manages military cyberspace operations and ensures the security of DOD information networks, will receive $447 million, more than double its 2013 funding of $191 million.

In addition, the package includes $792 million for Department of Homeland Security (DHS) cybersecurity operations, an increase of $35.5 million over fiscal 2013 levels. The increase reflects appropriators' increasing priority of security-related funding.

"We've been noticing an increase in cyber spending as a general trend for the last couple of years," said Chris Wiedemann, market intelligence analyst at ImmixGroup. "I see that as codified in this bill."

While the bill provides no agency-by-agency numbers and specific designations for IT funding, Wiedemann anticipates that spending will stay level at most agencies.

"With the exception of DHS and [the Veterans Affairs Administration], I expect most departments to stay relatively flat in terms of their IT budgets," he said, which across government total $82 billion. "I haven't really seen anything to indicate that that won't continue."

Given the nature of the appropriations, "we really can't tell what that breakdown is going to be," he said. But he predicted that the share of operations spending on IT will increase.

The more significant aspect of the budget is a sign of stability. Agencies will no longer have to operate under the constraints and uncertainty engendered by recurring continuing resolutions and the prospect of government shutdowns. A sound fiscal environment could give agencies more strategic flexibility in their IT planning and spending, Wiedemann said.

"Programs that were either slated to start last year or even this year but were difficult to get up and running under a continuing resolution," may finally get underway, he said. "So we might see some more investment in new technology.

Deneice Peterson, director of federal industry analysis for Deltek, said the bill reflects an effort by appropriators to make agencies more accountable for the performance of IT projects and programs by tightening oversight.

"Congress wants to see risk-mitigation strategies," she said. "There's much more attention being paid when we see these large IT programs fail. Now more than ever they're on the radar of Congress."

She noted, for example, that the 2014 bill requires the Veterans Affairs Administration, which received $495 million for development, modernization, and enhancement of IT systems, to submit a report to House and Senate appropriators detailing how that money will be used.

Congress is "trying to put a lot more eyes on these programs before they can be approved and asking for much more detail in the deployment plan," she said.

Richard W. Walker lives in Washington, D.C., and has covered issues and trends in government technology for more than 15 years.

The NSA leak showed that one rogue insider can do massive damage. Use these three steps to keep your information safe from internal threats. Also in the Stop Data Leaks issue of Dark Reading: Technology is critical, but corporate culture also plays a central role in stopping a big breach. (Free registration required.)