The White House released President Biden’s fiscal year (FY) 2023 budget request today, with a top-line number of $5.8 trillion and featuring proposals to spend $10.9 billion for civilian cybersecurity measures – marking an 11 percent increase in civilian agency cyber spending from reported FY2022 levels.
Among the civilian cybersecurity funding items are a big increase for the Cybersecurity and Infrastructure Security (CISA), additional funding for cyber education, and an emphasis on cyber funding for Federal agencies including the Departments of Energy (DOE), the Treasury, and Veterans Affairs.
“Budgets are statements of values, and the budget I am releasing today sends a clear message that we value fiscal responsibility, safety and security at home and around the world, and the investments needed to continue our equitable growth and build a better America,” President Biden said in a statement announcing the budget today.
The bulk of the bill’s funding proposal goes to defense and domestic programs, with the former totaling $795 billion and the latter accounting for $915 billion in domestic spending.
Federal IT budgets as a whole would receive an 11 percent increase over reported FY2022 levels, according to the White House’s budget documents.
“Cyber threats have become a top risk to delivering critical Government services, and this Administration is committed to addressing root cause issues and taking transformational steps to modernize Federal cybersecurity defenses,” an analysis of proposed Federal IT and cyber funding in the budget proposal reads.
CISA Cements Funding Bump
President Biden is proposing a $2.5 billion FY2023 budget for the Department of Homeland Security’s CISA budget. That budget would mark a $486 million increase in funding from the enacted FY2021 levels – the funding year used for comparison by the administration after the FY2022 omnibus bill did not pass until just weeks ago.
“Cybersecurity budgetary priorities continue to seek to reduce the risk and impact of cyber incidents based on data-driven, risk-based assessments of the threat environment and the current Federal cybersecurity posture,” the Federal IT analysis said.
While the proposed FY2023 funding level represents a bump from FY2021 levels, the number represents a slight decrease from recently enacted FY2022 levels, which appropriated CISA $2.6 billion for FY2022, ending Sept. 30.
VA Cyber and EHRM
The Department of Veterans Affairs has been in the news recently for the somewhat bumpy roll-out of its Electronic Health Record Modernization (EHRM) program.
The budget request released today includes $1.8 billion for the agency to continue its EHRM program and also provides $5.8 billion for VA’s Office of Information Technology “to prioritize cybersecurity, financial management business transformation, claims automation, and the Infrastructure Readiness program, with the mission to ensure a seamless customer experience for veterans.”
DOE’s CESER, Treasury, and NSF
President Biden’s latest budget request also proposes additional appropriations for DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER), giving the office an additional $550 million for FY2023.
Of that funding, $250 million would be used for Cybersecurity for the Energy Sector Research, Development, and Demonstration Program; $250 million would be set aside for the Rural and Municipal Utility Advanced Cybersecurity Grant and Technical Assistance Program; and $50 million would be appropriated for an Energy Sector Operational Support for Cyberresilience Program.
The president’s budget request would also give the Department of Treasury $215 million for cybersecurity measures. That funding level represents $197 million more than FY2021 levels and is appropriated “to protect and defend sensitive agency systems and information, including those designated as high-value assets.”
President Biden’s funding request also provides $10 million in additional funding for the National Science Foundation (NSF) to use a variety of educational programs and recruitment techniques to build up the nation’s cybersecurity workforce.