Connect with us

Hi, what are you looking for?



White House Outlines Cybersecurity Budget Priorities for Fiscal 2025

The White House has released a memorandum outlining the cybersecurity investment priorities for government departments and agencies for fiscal year 2025.

White House cybersecurity budget 2025

The White House this week released a memorandum outlining the administration’s proposed cybersecurity budget priorities for government departments and agencies for the fiscal year 2025. 

The priorities are consistent with the five pillars described in the National Cybersecurity Strategy: defending critical infrastructure, disrupting and dismantling threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships focusing on shared goals. 

Of the five pillars, the first two stand out as they involve pushing mandatory regulation for critical infrastructure vendors, and allowing a more aggressive hack-back approach when dealing with ransomware groups and state-sponsored threat actors.

In terms of defending critical infrastructure, the new memorandum on investment priorities highlights modernizing federal defenses (with a focus on zero trust), improving baseline cybersecurity requirements, and scaling collaboration between the public and private sectors. 

In the case of disrupting and dismantling threat actors, the budget memo focuses on countering cybercrime and defeating ransomware, with the goal of “mounting disruption campaigns and other efforts that are so sustained, coordinated, and targeted that they render ransomware no longer profitable”.

For the third pillar, focusing on security and resilience efforts, the White House has highlighted securing software and leveraging federal procurement to improve accountability, and using federal funding programs to ensure that security is integrated into the design and building phases of a project.

In order to create a more resilient future, the White House recommends focusing on strengthening the cyber workforce and preparing for a post-quantum future.

Advertisement. Scroll to continue reading.

The Biden administration also recommends prioritizing cybersecurity investment for forging international partnerships, specifically strengthening the cyber capacity of international partners and the United States’ ability to assist partners, as well as securing global supply chains for information, communications, and operational technology (OT) products and services. 

Departments and agencies have been advised to follow the outlined investment priorities when making budget submissions to the Office of Management and Budget (OMB) for FY 2025.

“OMB and the Office of the National Cyber Director (ONCD) will jointly review agency responses to these priorities in the FY 2025 Budget submissions, identify potential gaps, and identify potential solutions to those gaps,” the memo reads. “OMB, in coordination with ONCD, will provide feedback to agencies on whether their submissions are adequately addressed and are consistent with overall cybersecurity strategy and policy, aiding agencies’ multiyear planning through the regular budget process.”

The White House noted that a separate memorandum will be released to summarize cybersecurity research and development priorities. 

The administration has been aiming to increase cybersecurity spending, with the budget proposal for fiscal year 2024 seeking hundreds of millions of dollars of additional funding for cybersecurity projects and initiatives. 

Related: Potential Outcomes of the US National Cybersecurity Strategy

Related: Analysis: SEC Cybersecurity Proposals and Biden’s National Cybersecurity Strategy

Related: White House Cybersecurity Strategy Stresses Software Safety

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to and Exchange Online.