Partially because of the looming presidential election, and assertions of hacking-spawned leaks, cybersecurity is on the tip of many people’s tongues and, it turns out, on the receiving end of the government’s wallet. More funding and awards are going towards protecting government department’s and digital assets than ever before, and not just in obviously sensitive areas, like the Department of Defense (DoD) and Department of Homeland Security (DHS). By doing searches specifically on cybersecurity funding awards, we found something interesting happening in the federal government: interest in funding cybersecurity is spreading throughout the government, far beyond traditional centers.
The DHS and DoD talked a fair amount about funding awards for cybersecurity in 2016, mentioning it 31 times including at least 10 specific funding contracts.
The National Science Foundation (NSF), which administers a great deal of government science funding, also frequently mentions and awards funding for research into cybersecurity, such as the 74.5 million announced in October of 2015 (NSF link). More recently, however, funding has started to spread to other areas of the federal government, which might not be so obviously interested in cybersecurity.
For instance, the Department of Health and Human Services announced its first award ever to fund cybersecurity upgrades on October 4, 2016: HHS awards funding to help protect health sector against cyber threats (HHS Link).
Overall, the number of different federal departments, agencies, and sub-agencies talking about cybersecurity funding has increased by 113% from 2011 to 2015 (from 29 to 62). In 2015, departments ranging from the National Credit Union Association to the Federal Emergency Management Agency issued grants or calls for funding.
While some funding is going to bolstering the government’s aging and outdated cybersecurity infrastructure – in the case of the HHS award above a previous report of testimony by the Chief Information Officer of HHS warned of possible security vulnerabilities back in May of 2016 – other funding sources are going towards general education and training about possible dangers. The National Institute of Standards and Technology (NIST) is funding a new education program through the National Initiative for Cybersecurity Education (NICE) to create job training programs so employers will have a wide pool of cybersecurity professionals to use for hiring.
As you can see in our other post about cybersecurity and the Internet of Things, interest is also growing in Congress for action, and funding, to deal with cybersecurity. The HHS example above demonstrates, that when the government starts talking about cybersecurity (as the agency did in May) that can lead to valuable funding of cybersecurity opportunities for well-informed businesses and contractors.