Attacks and Vulnerabilities
CISA
Control device security
Critical infrastructure
Cyber Informed Engineering
Industrial Cyber Attacks
Malware, Phishing & Ransomware
News
Regulation, Standards and Compliance
Secure Remote Access
Secure-by-Design
Supply Chain Security
System Design & Architecture
Technology & Solutions
The Skills Gap - Training & Development
Threat Landscape
Vulnerabilities

US Federal Budget for FY 2025 boosts cybersecurity investments amid escalating threats

March 14, 2024
US Federal Budget for FY 2025 boosts cybersecurity investments amid escalating threats

The U.S. Federal Budget for Fiscal Year 2025 announced this week that it continues to invest in cybersecurity programs to protect the nation from malicious cyber actors and cyber campaigns. These investments work on countering emerging cyber threats, enhancing federal cybersecurity measures, safeguarding federal cyberspace and critical infrastructure, and ensuring robust disaster resilience, response, and recovery mechanisms.

The Budget will expand the Department of Justice’s (DOJ) ability to pursue cyber threats through investments in the FBI’s cyber and counterintelligence investigative capabilities. These investments sustain the FBI’s cyber intelligence, counterintelligence, and analysis capabilities and include an additional US$25 million to enhance those cyber response capabilities. 

Additionally, the Federal Budget includes $5 million to expand a new section within the DOJ’s National Security Division to focus on cyber threats. These investments align with the National Cybersecurity Strategy that emphasizes a ‘whole-of-nation’ approach to addressing ongoing cyber threats. The Budget also provides $2 million for DOJ to support the implementation of Executive Order 14110, addressing ‘Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.’

To protect against foreign adversaries and safeguard Federal systems, the Budget bolsters cybersecurity by ensuring every agency increases public service security. The Budget provides $13 billion in cybersecurity funding across civilian departments and agencies to advance the Administration’s commitment to making cyberspace more resilient and defensible.

In addition, the Federal Budget provides an additional $103 million for the Cybersecurity and Infrastructure Security Agency (CISA), for a total of $3 billion to advance the Administration’s commitment to making cyberspace more resilient and defensible. This includes $470 million to deploy federal network tools, including endpoint detection and response capabilities; $394 million for CISA’s internal cybersecurity and analytical capabilities; $41 million for critical infrastructure security coordination and $116 million for critical infrastructure cyber event reporting.

The Budget allocates $455 million to expand the boundaries of artificial intelligence (AI) in the fields of science and technology, while also enhancing its safety, security, and resilience. This funding bolsters the Department’s computational abilities and aids in the creation of AI testbeds. These testbeds are designed to develop foundational models for energy security, national security, and climate resilience. They also provide tools for assessing AI’s potential to generate outputs that could pose threats or hazards related to nuclear, nonproliferation, biological, chemical, critical infrastructure, and energy security. Additionally, the budget supports ongoing efforts to train new researchers from diverse backgrounds, addressing the growing demand for AI expertise.

The federal government has also set aside to build cybersecurity defenses in the healthcare sector. Cyber attacks on the healthcare system disrupt patient care and put patient safety at risk, and the healthcare system continues to be a target for cybercriminals. From 2018 to 2022, there was a 95 percent increase in large data breaches reported to HHS, including ransomware attacks. In line with the National Cybersecurity Strategy, which emphasizes a ‘whole-of-nation’ approach to addressing the ongoing cyber threat, the Budget invests in protecting the Nation’s healthcare system from cyber threats. 

The Federal Budget includes funding for the Administration for Strategic Preparedness and Response to coordinate HHS’s cybersecurity efforts. The Budget provides $800 million to help high-need, low-resourced hospitals cover the upfront costs associated with implementing essential cybersecurity practices, and $500 million for an incentive program to encourage all hospitals to invest in advanced cybersecurity practices. 

The Budget also provides $141 million to continue strengthening HHS’s ability to protect and defend HHS systems and information while supporting the Healthcare and Public Health Sector, including $11 million to expand and enhance HHS’s capacity to protect the privacy and security of health information through Health Insurance Portability and Accountability Act of 1996 modernization. Furthermore, the Budget also invests in HHS’s role in promoting the use of AI in healthcare and public health while protecting against its risks.

The President’s 2025 Budget for the Department of Homeland Security (DHS) prioritizes climate resilience, federal cybersecurity, maritime security, and humane border enforcement. The resources allocated in the 2025 Budget build upon previous investments in the DHS workforce, cybersecurity, border security, and hazard mitigation. 

A significant portion of the federal budget is dedicated to supporting CISA. To enhance the resilience and security of U.S. cyberspace, the budget allocates $3 billion for the CISA, marking an increase of $103 million from the 2023 enacted level. This includes $470 million for the deployment of Federal network tools, including endpoint detection and response capabilities; $394 million to enhance CISA’s internal cybersecurity and analytical capabilities; $41 million for critical infrastructure security coordination; and $116 million for reporting critical infrastructure cyber events.

The President’s 2025 Budget for the Department of Justice (DOJ) prioritizes investments in several key areas including cyber threats; countering narcotics; protecting civil rights; implementing criminal justice reforms at the federal, state, and local levels; improving the immigration court system; and strengthening antitrust enforcement. The budget requests a discretionary budget authority of $37.8 billion for 2025, marking an increase of $235 million or 0.5 percent from the 2023 level.

To equip the workforce with ‘cutting edge’ technology, the Federal Budget also provides over $800 million in information technology and cybersecurity, a 17-percent increase above 2023 levels. These resources include substantial funding for zero trust architecture implementation to strengthen cybersecurity and approximately $20 million in targeted artificial intelligence investments firmly aligned with the goals laid out in Executive Order 14110.

The Federal Budget also provides $150 million for the cybersecurity enhancement account, an increase of $50 million above the 2023 level, to protect and defend sensitive agency systems and information, including those designated as high-value assets. The Budget increases centralized funding to strengthen the Treasury’s overall cybersecurity efforts and to continue the implementation of a zero trust architecture. These investments would protect Treasury’s systems, and the American public’s sensitive data safeguarded within these systems, from future attacks. 

The Budget also provides $396 million for the Bureau of the Fiscal Service, $24 million above the 2023 level. This includes funding to enhance the security posture of core government financial systems by modernizing and transitioning all mainframe applications to the secure cloud.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings