If spending is a good indicator of shifting priorities for both business and government, then cybersecurity is quickly becoming priority number one.
Last week, the White House announced a proposed 10 percent increase in spending on cybersecurity for the 2016 fiscal budget. The proposal includes $14 billion for efforts to prevent cyber attacks.
Businesses also are increasingly prioritizing cybersecurity spending. In a survey conducted by Piper Jaffray, which was released last month, 75 percent of Chief Information Officers (CIO) reported that they would increase cybersecurity spending in 2015. In fact, they described it as the “top spending priority” and “least discretionary” budget item for responding companies.
The White House’s spending announcement comes in the wake of last month’s announcement of proposed legislation that would provide protection from liability to companies that voluntarily share computer threat data and breach information with the government. If passed, the legislation would be the first United States federal law mandating timely notification of breaches. Most states already have general breach notification laws.
For the U.S. government, the importance of cybersecurity comports with spending on key global security initiatives. Notably, the cyber security expenditure comes under the heading of “Keeping Americans Safe at Home and Abroad,” which includes spending for items such as military defense and global humanitarian crises. In a February 2 speech before the U.S. Department of Homeland Security, the president said that the budget proposal “invests in our IT networks, to protect them from malicious actors.” As justification for the increased spending, the White House stated:
No system is immune to infiltration by those seeking to steal commercial or Government information and property to perpetrate malicious and disruptive activity. The Budget provides $14 billion to support cybersecurity efforts across the Government to strengthen U.S. cybersecurity defenses and make cyberspace more secure, allowing the Government to more rapidly protect American citizens, systems, and information from cyber threats.
