Spending for IT security gains ground in 09 budget

Cybersecurity spending now 10 percent of federal IT budget plans

The following table breaks out agency IT and IT security spending, and includes a graph of IT security spending growth; the status of IT security readiness and looks at the overall federal IT portfolio for fiscal 2009.]

If President Bush's 2009 budget request indeed reflects his priorities, then securing the government's information technology systems appears to have the president's attention.

New details on federal IT spending plans, made available by the Office of Management and Budget today, show that $103 out of every $1,000 requested for IT spending next fiscal year ' or about $7.3 billion in total ' will be devoted to improving IT security. That is 9.8 percent more than what was slated for fiscal 2008, and 73 percent more than the $4.2 billion budgeted for cybersecurity in fiscal 2004.

'Agencies have to protect information,' said Karen Evans, OMB's administrator for e-government and information technology, highlighting the Bush administration's IT spending plans. 'The budget reflects the investments necessary to improve service delivery,' but also 'to secure and protect government information.'

Among other details, OMB figures showed that of the $70.9 billion in proposed IT spending plans for fiscal 2009, 35 percent would finance development, modernization and enhancement projects. The balance would maintain ongoing or steady state projects. Collectively, 44 percent of the proposed IT investment dollars would support national security systems, 30 percent would support agency mission initiatives, 19 percent would go toward infrastructure, office automation and telecommunications, and the balance would go toward state, local and other government IT programs in the form of grants.

The new breakout of proposed spending on IT security reveals that spending ratios and proposed increases vary widely agency by agency, but it nevertheless represent a significant investment commitment.

The figures, however, also indicate that incremental IT security spending planned for next year is tied to a relatively small number of departments. And spending plans for some agencies, notably the Homeland Security Department, call for relatively small increases, given increasing concerns about cyberattacks on government networks.

That has some critics concerned that federal agencies still aren't doing enough to equip themselves to ward off network and data breaches.

About two-thirds of government's incremental IT security spending plan for 2009, for instance, is tied to the Transportation Department, which plans to more than double IT security spending over this year, to $765 million. That represents about 26 percent of the department's total IT funding request of $2.98 billion.

DOT's move to new headquarters late last year and the realignment of duties involving several thousand employees necessitated wholesale IT security changes, Evans said.

In contrast, DHS' proposed $406 million in IT security spending next year, for instance, is just 5 percent more than comparable spending plans this year ' and still represents only 7.5 percent of the total $5.4 billion DHS proposed spending on IT next year. That in part reflects the continued heavy investment DHS still has to make in consolidating infrastructure and integrating systems.

The Defense Department, meanwhile, proposes to spend 3.4 percent more on IT security next year, or about $4 billion. That's still represents about 12 percent of DOD's total IT spending plans of $33.1 billion requested next year.

The wide range of increases and proportional spending for IT security in the 2009 budget reflect the varied circumstances and IT investment priorities agencies face.
But they also reflect the progress many agencies have made in securing their systems in line with federal requirements.

While some agencies ' including the departments of Agriculture, Commerce, Interior and Veterans Affairs ' still fall short in meeting certain Federal Information Security Management Act requirements, 90 percent of systems governmentwide now meet federal security certification and accreditation requirements, OMB says.

About the Author

Wyatt Kash served as chief editor of GCN (October 2004 to August 2010) and also of Defense Systems (January 2009 to August 2010). He currently serves as Content Director and Editor at Large of 1105 Media.

inside gcn

  • smart city (jamesteohart/Shutterstock.com)

    Toolkit for building a smart city plan

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group