One of the Federal government’s top cybersecurity officials said today that the Biden administration is requesting roughly $12 billion in fiscal year (FY) 2024 funding in connection with efforts to roll out zero trust security across the entire government, and voiced concern about the fate of the security push if Congress acts to roll back government funding levels to FY2022 levels.
Speaking at an event organized by the Alliance for Digital Innovation (ADI) in San Francisco to coincide with the RSA Security Conference, Federal Chief Information Security Officer (CISO) Chris DeRusha tallied up the zero-trust related spending requests based on figures in the Biden administration’s FY2024 spending request published last month.
DeRusha, who also serves as the deputy national cyber director, said that “not every cybersecurity investment in an agency is going to be a zero trust investment.”
But he said, “what we learned in the process by looking at the numbers in the end is … it’s about half” of the total proposed $12 billion cybersecurity spend for Federal civilian agencies.
By going through budget exercises, he said he learned “how much of that overall 12-point-billion plus that we were asking for FY24, how much of that were tied explicitly, directly to capabilities that we’re driving for” through the zero trust strategy.
That figure, he said, is about $5.8 billion, or “just under half of the overall Federal civilian request.”
“I’m also leaving out the DoD [Defense Department] and IC [Intelligence Community] side of this,” he continued. “If you look at the whole government pie, it’s actually like more than double that even” – leading to a whole of government spending request related to zero trust security in the neighborhood of $12 billion for FY2024.
DeRusha also worried about the impact of Congress acting to revert to FY2022 spending levels for the Federal government, as some Republican lawmakers have recently suggested in conjunction with increasing the national debt ceiling.
“When we get to the 24 cycle … I’m a little worried when we hear talk about potentially cutting cyber dollars back to 22 levels,” DeRusha said.
“I mean, I hope everybody’s paying attention to that because, you know, we’ve done really hard work to say we need an extra $2.7 billion … to move the Federal government forward to be able to secure ourselves [against] serious adversaries,” he said.
“We can’t go backwards,” DeRusha declared. “We’ve got to continue to plow forward and sustain these investments that we’ve asked for in 24.”
“I am a bit concerned about that,” the Federal CISO said.