The U.S. Department of Defense is seeking $14.5 billion for its cyberspace endeavors, including safeguarding information networks with zero trust initiatives, increasing manpower and researching advanced computing.
The fiscal 2025 budget request unveiled March 11 is about $1 billion more than the Biden administration’s previous ask. It is also up from fiscal 2023, when it sought $11.2 billion.
The department is prioritizing all things cyber as competition with Russia and China grows increasingly digital. All three world powers are well known for their virtual arsenals and their desire to poke and prod without triggering armed conflict.
“The FY25 cyber activity budget focuses investments in three portfolios, covering cybersecurity, cyberspace operations and cyber research and development,” a senior defense official told reporters at the Pentagon. “Cyber capabilities will continue to be a critical component of our national defense and, accordingly, a priority in our budget.”
The Defense Department has since 2015 experienced more than 12,000 so-called cyber incidents, with annual totals steadily declining since 2017, according to a Government Accountability Office report. Defense contractors are also victims of infiltrations; their intellectual property is a top target of foreign hackers.
RELATED
To further insulate its sensitive information, the department is pursuing zero trust. Unlike older cybersecurity paradigms, zero trust assumes networks are always at risk or are already compromised, requiring constant validation of devices, users and their virtual reach.
The fiscal 2025 blueprint allocates a little more than $977 million for zero-trust transition. It also features nearly $300 million for modernized identity, credential and access management, or ICAM, a means of tailoring what information is available to a person while also keeping tabs on those plugged in.
“The cybersecurity budget request improves our cyber posture by funding the development and modernization in cybersecurity tools and capabilities and also expands investment in zero-trust technology to ensure the department can fully secure and protect” its assets, the senior official said.
A baseline level of zero trust across the department is required by 2027. Additional protections, dubbed advanced zero trust, are required down the line. Cybersecurity leaders have in the past said the looming deadlines will be challenging to meet.
Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its National Nuclear Security Administration — namely Cold War cleanup and nuclear weapons development — for a daily newspaper in South Carolina. Colin is also an award-winning photographer.