Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

White House Proposes $10.9 Billion Budget for Cybersecurity

White House cybersecurity budget plan for FY 2023

White House cybersecurity budget plan for FY 2023

The White House on Monday unveiled President Joe Biden’s $5.8 trillion budget plan for fiscal year 2023, and cybersecurity appears to be a key priority, with a significant increase in spending compared to the previous year.

The president’s budget request includes roughly $10.9 billion for civilian cybersecurity-related activities, which represents an 11% increase compared to 2022.

A large chunk of that amount — specifically $2.5 billion — has been allocated to the DHS’s Cybersecurity and Infrastructure Security Agency (CISA). That is nearly $500 million more than in the previous year.

The funding should help improve the protection of federal infrastructure and service delivery against sophisticated cyber threats, including to “maintain critical cybersecurity capabilities implemented in the American Rescue Plan; expand network protection throughout the Federal executive Branch; and bolster support capabilities, such as cloud business applications, enhanced analytics, and stakeholder engagement.”

The budget should also help the Office of the National Cyber Director improve “national coordination in the face of escalating cyber attacks on Government and critical infrastructure.” In addition, funding has been allocated to improving the safety and security of elections, and creating public-private partnerships.

Much of the funding is dedicated to goals outlined in the cybersecurity executive order signed by President Biden in May 2021. Some of the initiatives described in the executive order were announced earlier this year, including one related to boosting the cybersecurity of National Security Systems, a federal zero trust strategy, and a cyber safety review board.

The proposal to increase the FY 2023 budget for cybersecurity comes roughly one week after the president urged U.S. companies to strengthen the security of their systems due to the increasing threat from Russia. Biden said the government had learned that Moscow may be planning a significant cyberattack.

The funding proposal also includes $215 million (an increase of $197 million) to protect sensitive agency systems and information, an additional $10 million to “build and strengthen the national cybersecurity workforce pipeline,” and an additional $36 million for ICT supply chain security.

Advertisement. Scroll to continue reading.

The budget plan names several government organizations that will receive funding to improve cybersecurity, including the Coast Guard, the Federal Aviation Administration, the Treasury Department, the Department of Justice, and the Department of Veterans Affairs.

The White House also wants to give Ukraine $682 million to “counter Russian malign influence and to meet emerging needs related to security, energy, cybersecurity issues, disinformation, macroeconomic stabilization, and civil society resilience.”

Industry professionals applaud the increased spending in cyber.

“The FY2023 budget proposal clearly demonstrates cybersecurity continues to be a top priority for the federal government,” said Mariano Nunez, CEO at Onapsis. “Repeated warnings from CISA and the Biden Administration on the Russian cyber threat over the last few weeks have heightened the state of alertness for U.S. agencies and businesses across industries, which are expecting ‘tit-for-tat’ cyber attacks from Russia in response to the economic sanctions.

“Additional funding for cybersecurity within the federal government is extremely important in this new era of interconnected risk, especially between business applications and critical operational technology infrastructure. Prioritizing the modernization of aging technology stacks will be essential to mitigate rising cybersecurity vulnerabilities, and ensure the security of the Nation’s most critical systems and applications from malicious cyber campaigns,” Nunez added.

On the other hand, Mike Wiacek, founder and CEO of Stairwell, cautioned, “You can’t just throw dollars in the form of off-the-shelf defenses against sophisticated attackers. Organizations protecting critical infrastructure need to move beyond the basics, to the point where they can rapidly consume and share threat intelligence in order to move faster than the attackers.”

Related: U.S. Gov Issues Stark Warning, Calling Firmware Security a ‘Single Point of Failure’

Related: Lawmakers Introduce Combined Bill for Strengthening Critical Infrastructure Security

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.