Spending on cybersecurityThe brief

Published 28 October 2009

General IT spending by the U.S. government will increase by 3.5 percent a year between 2009 and 2014; during the same time, U.S. government spending on cybersecurity will grow at a compound rate of 8.1 percent a year, and spending on vendor-supplied information security products and services will increase from $7.9 billion in 2009 to $11.7 billion

U.S. government spending on cybersecurity will grow at a compound rate of 8.1 percent a year between 2009 and 2014, outpacing general IT spending, according to the government analyst firm Input. Spending on vendor-supplied information security products and services will increase from $7.9 billion in 2009 to $11.7 billion in 2014, research group Input predicted. General IT spending by the U.S. government will increase by 3.5 percent a year during the same time frame, said Kevin Plexico, Input’s senior vice president of research and analysis.

Even if those increases happen, there will be questions about whether the U.S. government is doing enough, he said. “The challenge is, how good is good enough?” Plexico added. “There’s no authority or organization that can tell you when you’ve done enough and are ‘secure.’”

A number of factors will drive information security spending, Plexico said. First, president Barack Obama and lawmakers have paid significant attention to cybersecurity this year, with several bills focused on improving cybersecurity in the U.S. government or private organizations. In addition, cyberattacks on the federal government have increased substantially in recent years, and attacks are becoming more sophisticated, according to many cybersecurity experts. “It’s a recognition across parties and the administration and Congress that more needs to be done within the federal government,” Plexico said. “With that comes broad support for extraordinary levels of funding.”

Plexico expects a “higher bar” to be set for federal cybersecurity when Obama appoints his long-awaited cybersecurity coordinator. In May Obama announced a new direction for federal cybersecurity efforts and promised to appoint a cybersecurity coordinator in the White House.

Grant Gross writes that vendors wishing to market their information security products to federal agencies should be aware of some key trends, Plexico said. The U.S. government is moving toward consolidation of cybersecurity efforts, with a few larger agencies taking over the information security roles at smaller agencies, he said, “You need to be paying attention to where those consolidation and centralization centers are,” he said.

In addition, much of the federal government’s cybersecurity focus will be real-time monitoring and control of computer networks, Plexico predicted. He sees less emphasis in the future on audits to identify breaches after they happen. “Agencies are really investing in technology that helps them identify threats as soon as they happen, and even anticipate where those threats are going to come from,” he said.

Input bases its predictions on economic forecasts, historical analysis of government spending, past budgets, Obama’s 2010 budget request, and other information.

 

Related stories

UN: Next world war may be in cyberspace (10/10)

How far should government go to make the Web secure? (10/4)

DHS to hire 1,000 cyber experts (10/2)

President to be able to seize private-sector networks in an emergency (8/31)

Cybersecurity is now a must for the grid, I (8/5)

Cybersecurity is now a must for the grid, II (8/7)