Government intelligence agencies devote about 15% of their annual budgets to IT -- nearly three times more than civilian agencies -- to support their missions, according to a new IDC Government Insights report. The National Security Agency (NSA) is believed to be spending twice that amount, or more than 30%.
While intelligence spending by the federal government is expected to rise by 18.8%, or about $9.5 billion, between 2013 and 2017, the IT portion of intelligence budgets is expected to grow by up to 33.6%, the report predicted. The majority of this spending will go toward additional data collection technologies and flexible, large-scale computing platforms.
The report, "Perspective: The U.S. Intelligence Budget Landscape — With IT Segmentation and Five-Year Forecast," released Dec. 11 and available for a fee, estimates that government agencies spend an average of 4.5% to 6.7% of their total annual budgets on IT products and services. The numbers are higher for intelligence agencies, since they have more need for information and data gathering technologies.
The Central Intelligence Agency spends the most of any spy agency; it requested $14.8 billion for 2013 -- nearly 70% more than the NSA, according to the report.
[Presidential advisers say government cybersecurity isn't pretty. Learn Why Fed Cybersecurity Reboot Plan Fails To Convince.]
Together, the CIA, NSA, and National Reconnaissance Office (NRO) get more than 68% of the "black" budget, which refers to the government's top-secret intelligence budget. Nearly a fourth of the government's black budget is devoted to IT products and services.
Spending by agencies just for IT security is also expected to rise, according to a second report released the same day by IDC Government Insights. IT security spending will rise from $5.9 billion in 2012 to more than $7.3 billion in 2017, or an average of about 4% per year, according to the report, "Business Strategy: U.S. Federal Government IT Security Spending Forecast and Market Outlook."
The new forecasts are based in part on documents leaked earlier this year by former NSA contractor Edward Snowden that included details on the US intelligence community's spending. The budget figures from one of those documents, called "Fiscal 2013 Congressional Budget Justification Book," show that the US budgeted $52.6 billion in fiscal 2013 to support the operations of 16 intelligence agencies. This included $14.7 billion for the CIA, $10.8 billion for the NSA, and $10.3 billion for the NRO.
The IDC Government Insights report suggests that 22.5% of the government's black intelligence budget covers IT solutions.
"For the intelligence agencies, the biggest surprise is the amount of funding needed to support the intelligence facilities and to collect data," Shawn McCarthy, IDC Government Insights research director and author of the report, told us in an email.
While IT security spending continues to climb steadily, investment patterns vary by agency, depending on existing legacy systems and what improvements need to be made.
"Many agencies are reviewing how their move to cloud-based solutions might affect their overall IT security posture, and many are finding that unified threat management (UTM) solutions are becoming increasingly popular," McCarthy said. IDC anticipates that "federal UTM spending will rise from $213.8 million in 2012 to over $541.4 million in 2017."
Most IT security spending goes toward staff salaries -- as much as 85% to 91%, McCarthy noted. That's because security scanning and proactive defense efforts require substantial amounts of manpower to set configurations and make decisions when threats are detected.
"For general IT security, the story is somewhat similar. IT infrastructure maintenance is the top security-related line item at many agencies. This shows that keeping systems in good condition, with the proper patches and software updates in place, is key to keeping systems secure," McCarthy said.
When it comes to long-term growth for security spending, the report forecasts that staffing will grow to $6.2 billion by 2017; firewall spending will increase to $249.6 million; intrusion detection and prevention will rise to $226.3 million; and virtual private network spending will grow to $80.9 million.
Elena Malykhina has written for The Wall Street Journal, Scientific American, Newsday, and AdWeek. She covers the federal government, including NASA's space missions, for InformationWeek.
The NSA leak showed that one rogue insider can do massive damage. Use these three steps to keep your information safe from internal threats. Also in the Stop Data Leaks issue of Dark Reading: Technology is critical, but corporate culture also plays a central role in stopping a big breach. (Free registration required.)