Upload File

2015 unclassified federal government cyber security spending

  • Home
  • Documents
  • 2015 Unclassified Federal Government Cyber Security Spending
2
June 2016 Issue #17 1100 North Glebe Road, Suite 1010, Arlington, VA 22201 | Tel: 703.224.4407 | Fax: 703.224.8001 | [email protected] © 2015 The Soter Group. All Rights Reserved. 1 The Soter Group Perspectives – Unclassified Federal Government Cyber Security Spending Reported fiscal year (FY) 2015 unclassified Federal government cyber security spending is up 3% year- over-year to $13.1 billion. The President’s Budget Request for FY17 includes $19 billion in funding for cyber security activities. Unclassified Federal government cyber security spending showed modest growth in FY15 – increasing 3% to $13.1 billion versus the previous full fiscal year. FY15 also marked the first fiscal year that Federal civilian cyber security spending eclipsed $4 billion. While cyber security spending has oscillated around roughly $12 and $13 billion over the last several years, the FY17 budget request indicates the Federal cyber security market may be reaching a new inflection point – perhaps akin to the inflection point between FY09 and FY10 precipitated by the Comprehensive National Cybersecurity Initiative (CNCI). The $19 billion budget request to support cyber security activities marks a significant departure from the spending pattern of the post-CNCI era. FY09 FY10 FY11 FY12 FY13 FY14 FY15 FY16 (Enacted) FY17 (Request) FY15 v. FY14, % Δ Total Unclassified Federal Cyber Security Spending $6.8 $12.0 $13.3 $14.6 $10.3 $12.7 $13.1 $14.1 $19.0 +3% Of Which: Dept. of Defense (DoD) $4.2 $9.5 $10.1 $12.1 $7.1 $9.0 $9.1 TBD TBD +2% Of Which: Federal Civilian $2.6 $2.6 $3.2 $2.6 $3.2 $3.8 $4.0 TBD TBD +7% (in $ billions) The jump in anticipated cyber security spending may sound promising to both cyber security product vendors and service providers as well as traditionally cash-strapped government program managers, but there remains a significant amount of uncertainty. How much of the $5 billion increase over current year levels is net new money? How much of the increase is a result of reorganization and reprogramming of funds – similar to what occurred nearly a decade ago? Part of this increase in funding stems from a proposed $3.1 billion IT modernization fund – which is still in flux due to political differences. Additionally, assuming it is included in the appropriations, the proportion of these IT modernization funds that would apply to cyber security versus non-cyber security activities would depend on the legacy IT systems and programs that are prioritized for modernization. Whether the large increase in funding is realized or not, there are other important trends that are indicative of Federal government cyber security priorities and initiatives. For the past several years, the Office of Management and Budget (OMB) has been using three primary categories for characterizing cyber security spending: (1) Prevent Malicious Cyber Activity; (2) Detect, Analyze, and Mitigate Intrusions; and (3) Shape the Cybersecurity Environment.

Upload: the-soter-group-llc

Post on 07-Jul-2016

84 views

Category:

Documents


1 download

Report

DESCRIPTION

This analysis by The Soter Group provides an update on unclassified cyber security spending across the Federal government - including the Department of Defense (DoD) and the Federal Civilian departments and agencies.The Soter Group provides services to both the Federal government and the commercial entities that support it. Our Commercial Services Division provides market research and assessments, competitive assessments, and strategic advisory services to commercial clients seeking to enter or grow in the Federal government security market.

TRANSCRIPT

Page 1: 2015 Unclassified Federal Government Cyber Security Spending

June2016Issue#17

1100NorthGlebeRoad,Suite1010,Arlington,VA22201|Tel:703.224.4407|Fax:703.224.8001|[email protected]©2015TheSoterGroup.AllRightsReserved.

1

TheSoterGroup

Perspectives–UnclassifiedFederalGovernmentCyberSecuritySpending

Reportedfiscalyear(FY)2015unclassifiedFederalgovernmentcybersecurityspendingisup3%year-over-yearto$13.1billion.ThePresident’sBudgetRequestforFY17includes$19billioninfundingforcybersecurityactivities.

UnclassifiedFederalgovernmentcybersecurityspendingshowedmodestgrowthinFY15–increasing3%to$13.1billionversusthepreviousfullfiscalyear.FY15alsomarkedthefirstfiscalyearthatFederalciviliancybersecurityspendingeclipsed$4billion.Whilecybersecurityspendinghasoscillatedaroundroughly$12and$13billionoverthelastseveralyears,theFY17budgetrequestindicatestheFederalcybersecuritymarketmaybereachinganewinflectionpoint–perhapsakintotheinflectionpointbetweenFY09andFY10precipitatedbytheComprehensiveNationalCybersecurityInitiative(CNCI).The$19billionbudgetrequesttosupportcybersecurityactivitiesmarksasignificantdeparturefromthespendingpatternofthepost-CNCIera.

FY09

FY10

FY11

FY12

FY13

FY14

FY15

FY16

(Ena

cted

)

FY17

(Req

uest)

FY15

v.

FY14

,%Δ

TotalUnclassifiedFederalCyberSecuritySpending

$6.8 $12.0 $13.3 $14.6 $10.3 $12.7 $13.1 $14.1 $19.0 +3%

OfWhich:Dept.ofDefense(DoD) $4.2 $9.5 $10.1 $12.1 $7.1 $9.0 $9.1 TBD TBD +2%

OfWhich:FederalCivilian $2.6 $2.6 $3.2 $2.6 $3.2 $3.8 $4.0 TBD TBD +7%

(in$billions)

Thejumpinanticipatedcybersecurityspendingmaysoundpromisingtobothcybersecurityproductvendorsandserviceprovidersaswellastraditionallycash-strappedgovernmentprogrammanagers,butthereremainsasignificantamountofuncertainty.Howmuchofthe$5billionincreaseovercurrentyearlevelsisnetnewmoney?Howmuchoftheincreaseisaresultofreorganizationandreprogrammingoffunds–similartowhatoccurrednearlyadecadeago?Partofthisincreaseinfundingstemsfromaproposed$3.1billionITmodernizationfund–whichisstillinfluxduetopoliticaldifferences.Additionally,assumingitisincludedintheappropriations,theproportionoftheseITmodernizationfundsthatwouldapplytocybersecurityversusnon-cybersecurityactivitieswoulddependonthelegacyITsystemsandprogramsthatareprioritizedformodernization.

Whetherthelargeincreaseinfundingisrealizedornot,thereareotherimportanttrendsthatareindicativeofFederalgovernmentcybersecurityprioritiesandinitiatives.Forthepastseveralyears,theOfficeofManagementandBudget(OMB)hasbeenusingthreeprimarycategoriesforcharacterizingcybersecurityspending:(1)PreventMaliciousCyberActivity;(2)Detect,Analyze,andMitigateIntrusions;and(3)ShapetheCybersecurityEnvironment.

Page 2: 2015 Unclassified Federal Government Cyber Security Spending

June2016Issue#17

1100NorthGlebeRoad,Suite1010,Arlington,VA22201|Tel:703.224.4407|Fax:703.224.8001|[email protected]©2015TheSoterGroup.AllRightsReserved.

2

TheSoterGroup

FY15showedcontinuedinvestmentinShapetheCybersecurityEnvironment,whichhasalargefocusonworkforcedevelopmentandtrainingaswellascybersecurityresearchanddevelopment.Thiscategoryaccountedfor43%oftotalspending,orapproximately$5.6billion.Theprimaryareaofgrowth,however,wasPreventMaliciousCyberActivity,whichincreased22%year-over-yearto$4.6billionthispastfiscalyear.Thisgrowthalignswithseveralmajor,on-goinggovernmentcybersecurityinitiatives,suchaslargenetworksensorprogramsandtheContinuousDiagnosticsandMitigation(CDM)program.

ItcontinuestobeadynamicperiodfortheFederalcybersecuritymarket,fromallangles–budget,policy,technology,andthreatenvironmentincluded.Muchofthiscanbeattributedtoincreasedunderstandingofthethreatandthecybersecurityproblemacrossgovernmentstakeholders;increasedcommitment,includingbudgetarycommitment,fromtheWhiteHouse,Congress,anddepartmentleadershiptoaddressthesecybersecurityconcerns;andincreasedestablishmentandformalizationofcybersecurityprogramsandorganizations–andassociatedsupportcontracts.Theimpendingtransitiontothenextadministrationisalreadyatthetopofeveryone’sminds,andonlytimewilltellwhetherthiscybersecuritymomentumandrenewedsenseofurgencypersists.

AboutTheSoterGroup

TheSoterGroupprovidesservicestoboththeFederalgovernmentandthecommercialentitiesthatsupportit.OurCommercialServicesDivisionprovidesmarketresearchandassessments,competitiveassessments,andstrategicadvisoryservicestocommercialclientsseekingtoenterorgrowintheFederalgovernmentsecuritymarket.JustinTaft,President&CEO,andPeterWong,DirectorofMarketResearch,authoredtheseperspectives.TheSoterGroupwelcomestheopportunityforourresearchtobecitedinthird-partyreports.Tolearnmore,pleasevisitwww.TheSoterGroup.comand/[email protected],pleasevisit:TheSoterGroupMarketReports.

ReportJune2016:Perspectives–UnclassifiedFederalGovernmentCyberSecuritySpending

$-

$1

$2

$3

$4

$5

$6

$7

FY13 FY14 FY15

Billion

s

GovernmentFiscalYear

UnclassifiedFederalCyberSecuritySpendingbyMajorCategory

PreventMaliciousCyberAclvity

Detect,Analyze,andMilgateIntrusions

ShapetheCybersecurityEnvironment


Navigating Unclassified Information System …...Cyber Security Challenges Navigating Unclassified Information System Security Protections 1 Vicki Michetti, DoD CIO, Director, DIB

Cyber Conflict Research Rain Ottis 5.05.2015 UNCLASSIFIED

Unclassified August 14, 2014. Unclassified Cyber Security for AFCEA 2 Cyber is derived from Ancient Greek (kyber), meaning “to steer” – Think: to pilot

Federal Bureau of Investigation Cyber Program Cyber Online Resources and Training Links FBI Boston UNCLASSIFIED

368-A Framework for Adaptvie Immune Response for Cyber ... · UNCLASSIFIED 1 UNCLASSIFIED!! AIR: A Framework For Adaptive Immune Response for Cyber Defense Paul Biancaniello1, Gary

Rhode Island Air National Guard This Overall Classification of this Briefing is: UNCLASSIFIED//FOUO Major Christopher Allen UNCLASSIFIED Current Cyber

National Cyber Security Centre Unclassified Cyber Threat ... · National Cyber Security Centre Unclassified Cyber Threat ... It also produces threat prevention and ... can however

UNCLASSIFIED December 2010 Is N.I.C.E.. UNCLASSIFIED THE PRESENT Comprehensive National Cybersecurity Initiative Initiative #8, Expand Cyber Education

Multinational Experiment 7 Outcome 3 – Cyber Domain ... · PDF fileUNCLASSIFIED 1 UNCLASSIFIED Multinational Experiment 7 Outcome 3 – Cyber Domain Objective 3.3 Guidelines for

Prioritizing Information Technology Spending through … · Prioritizing Information Technology Spending through Cyber Risk Assessments. 2 ... information technology ... components

DoD Cyber Excepted Service (CES) Personnel System · Workforce Orientation 1. UNCLASSIFIED UNCLASSIFIED Agenda •Introduction •Cyber Excepted Service Overview •Key Roles •Implementation

A Common Cyber Threat Framework - dni.gov ·  · 2017-05-02A Common Cyber Threat Framework ... support analysis 3/13/2017 3. UNCLASSIFIED Cyber Threat Framework ... Layer 3 Layer

Coremetrics Benchmark TM Cyber Monday Report 2010fileName=benchmark-2010-cybe… · Cyber Monday 2010 Compared to Cyber Monday 2009 (year/year): • Consumer Spending Increases: Online

Navigating Unclassified Cyber/Information Security Protections · Navigating Unclassified Cyber/Information Security Protections Network Penetration Reporting and ... Controlled Unclassified

CYBER ATTRIBUTION USING UNCLASSIFIED DATA …2 CYBER ATTRIBUTION USING UNCLASSIFIED DATA Abstract It has become almost systemic for people to immediately question, “Who did it?”

Navigating Unclassified Cyber/Information Security Protections · Navigating Unclassified Cyber/Information Security Protections Network Penetration Reporting and Contracting for

Optimizing Cyber Capabilities Through Software ...UNCLASSIFIED LANDWARNET 2011 UNCLASSIFIED 2 TRANSFORMING CYBER WHILE AT WAR David Levine, CECOM, Software Engineering Center •WIN-T

U.S. Army Cyber Center of Excellence and Fort Gordon · UNCLASSIFIED UNCLASSIFIED 1 Cyber Quest 2018 TechNet Briefing MAJ Scott MacPherson Cyber Quest EXCON Chief US Army Cyber Center

The Department's Unclassified Cyber Security Program ... · Evaluation Report The Department's Unclassified Cyber Security Program - 2012 DOE/IG-0877 November 2012 U.S. Department

UNCLASSIFIED Col Kevin Wooton Commander 31 May 2011 Overall Classification: UNCLASSIFIED 67th Network Warfare Wing The Air Force’s Cyber Ops Wing

17C Cyber Operations Specialist - ArmyReenlistment.com Reclassification Brief... · UNCLASSIFIED UNCLASSIFIED3 To Familiarize Soldiers and Leaders with the new 17C Cyber Operations

Track 6: C4ISR Materiel Enterprise: Transforming Cyber … · 2011-10-17 · UNCLASSIFIED LANDWARNET 2011 UNCLASSIFIED TRANSFORMING CYBER WHILE AT WAR Track 6: "C4ISR Materiel Enterprise:

UNCLASSIFIED Evolving CyberEvolving Cyber Threatsaapa.files.cms-plus.com/PDFs/CYBER PUBLIC MEETING CGCYBER BRIEF v1.pdf · UNCLASSIFIED Evolving CyberEvolving Cyber Threats to the

UNCLASSIFIED Cyber Excepted Service (CES) HR ......UNCLASSIFIED UNCLASSIFIED Pre-Decisional Involvement (PDI) of Labor Representatives and Program Development • DoD engaged with

Unclassified - AFCEA International · Unclassified Unclassified 4 Cyber Resilience Strategy Cyber resilience is the Navy’s long-term strategy CYBER RESILIENCY APPROACH Cyber situational

UNCLASSIFIED Cyber Excepted Service (CES) HR Elements Course · UNCLASSIFIED Cyber Excepted Service (CES) HR Elements Course Lesson 3 Occupational Structure September 2017 DoD CIO

Automated Cyber Red Teaming - DTIC · UNCLASSIFIED UNCLASSIFIED Automated Cyber Red Teaming Executive Summary Cyber Red Teaming (CRT) is a common activity performed within large organisations

"AIR: A Framework For Adaptive ... - atl.external.lmco.com · UNCLASSIFIED 1 UNCLASSIFIED!! AIR: A Framework For Adaptive Immune Response for Cyber Defense Paul Biancaniello1, Gary

Cyber Quest 2020 Industry Day - AFCEA · 2019. 8. 21. · As of: 8/21/2019 8:22:17 AM UNCLASSIFIED UNCLASSIFIED Timeline Broad Agency Announcement published –NLT 9 Aug 2019 Cyber

UNCLASSIFIED Cyber Excepted Service (CES) HR ......CES HR Elements Course for HR Practitioners! 6 UNCLASSIFIED UNCLASSIFIED Course Evaluation 7 T OF of 1 xxxx T OF of 'VENT 1 xxxx

UNCLASSIFIED Coast Guard Cyber Commandaapa.files.cms-plus.com/SeminarPresentations/2011Seminars... · Coast Guard Cyber Command Cyber Awareness Briefing October 2011 . UNCLASSIFIED

DoD Cyber Excepted Service Program Way Ahead · 2020-07-10 · Cyber Excepted Service (CES) Train the Trainer Course UNCLASSIFIED 1. UNCLASSIFIED ... CES Department of Defense (DoD)

CYBER ATTRIBUTION USING UNCLASSIFIED DATAcyber criminals initiated criminal cyber activity against US based cyber systems. We found that there is a benefit to accurate attribution

UNCLASSIFIED Coast Guard Cyber Command · UNCLASSIFIED Coast Guard Cyber Command Driving Mission Execution CAPT John Felker Deputy Commander, CGCYBERCOM June 2011. UNCLASSIFIED Cyber

Army Enterprise Email, Technical and Program SupportTRANSFORMING CYBER WHILE AT WAR UNCLASSIFIED LANDWARNET 2011 UNCLASSIFIED Project Summary Enterprise Email migration begins with