Cybersecurity is a key part of the White House’s proposed FY 2023 budget with a $2.5 billion allocation headed toward the Cybersecurity and Infrastructure Security Agency (CISA) should the spending plan receive Congressional and executive approval.
The $2.5 billion represents a $500 million bump from CISA’s current budget. Also of note: The CISA's work extends far beyond government agencies. The organization also works closely with vendors and MSSPs to mitigate risks involving U.S. infrastructure.
With the backdrop of President Biden’s cybersecurity executive order in May, 2021 and the federal government’s new zero trust initiative for federal agencies, CISA stands to reap significant benefits from the budget framework.
However, FY budget proposals typically go through a long list of amendments and some posturing by both sides of the aisle before they end up on the President’s desk to sign into law. There’s no reason to think this one will be any different. On the other hand, cybersecurity has moved up the line in lawmakers’ priorities so the numbers could withstand partisanship criticism.
With that said, let’s look at the particulars at this initial stage of the process:
- $10.9 billion in cybersecurity-related spending in 2023, including funding for agencies to shift toward zero trust security architectures. The proposed allocation amounts to an 11 percent increase over last year’s $9.8 billion. The money is expected to be directed at maintaining advances from the American Rescue Plan Act, expand cybersecurity defenses in federal agencies, and moves ahead on cloud business applications and enhanced analytics.
- Funding to add 340 employees at CISA, bringing the total to 2,740 in 2023.
- $1 billion to enhance cyber risk analysis capabilities, fortify the security posture of federal government networks and defend IT infrastructure.
- $8 million to fully operationalize the CISA Cybersecurity Advisory Committee and Cyber Safety Review Board and to create an Advisory Council Program Management Office.
- $425 million for the Continuous Diagnostics and Mitigation program to fortify the security posture of federal government networks and systems and provide CISA with visibility into unauthorized, potentially malicious or adversary activity targeting Federal networks.
- $175 million for infrastructure security efforts to secure and increase resilience for privately-owned critical infrastructure through risk management and collaboration with the critical infrastructure community.
- An allocation of $22 million to the Office of the National Cyber Director, a slight uptick from the $21 million dedicated to launching the center. The funding will be used in part to add two people to the workforce, raising the total number of employees to 77.
The administration’s overall ask for IT-related initiatives at civilian agencies is $65 billion, spanning 24 agencies. Nearly 750 of the investments are categorized as “major.” DHS' share of the pie could amount to $97.3 billion, an increase of $6.5 billion from the FY 2022 budget.