NIST budget request could more than double cybersecurity spending

Obama Administration requests $43.4 million for cybersecurity, more than doubles NIST R&D funding in this area.

In its fiscal 2012 budget, the Obama Administration requested the National Institute of Standards and Technology’s receive $43.4 million for cybersecurity programs, an increase that would more than double the funding for NIST research and development programs in this area, according to NIST officials.

The NIST budget for research and development in cybersecurity and information assurance is $28.9 million, assuming a fiscal 2011 full year continuing resolution, NIST officials said.

The NIST budget request would also allot $22.8 million for interoperability and emerging technologies with a focus on the Smart Grid, health IT and cloud computing.

The increase in funding represents the administration’s recognition of the growing importance of and need to strengthen the nation’s cyber infrastructure, said Pat Gallagher, director of NIST.

As threats to the security and reliability of cyberspace increase, the need for more sophisticated techniques, technology and standards to protect online transactions and the nation’s physical infrastructure that rely on a complex array of computer networks is paramount, he said.

“Overall this was a very tough budget,” with a focus on belt-tightening, Gallagher said. “We are pleased [with the budget request] but very humbled that this is occurring during a very tough budget environment,” he said.

There is a substantial increase for cybersecurity-related activities that include accelerating and promoting NIST’s core cybersecurity responsibilities under the Federal Information Security Management Act (FISMA) such as cryptographic technologies, security automation and standards, Gallagher said. However, there is also funding to support NIST’s lead in several federal interagency efforts, he added.

The Administration’s 2012 budget focuses on strategic spending areas and “cybersecurity is certainly one area where investment is warranted,” said Dan Chenok, chairman of the Information Security Advisory and Privacy Board. ISAP, chartered under FISMA, advises the Commerce Department, NIST and the Office of Management and Budget and reports to Congress on federal civilian security and privacy issues.

“We need to understand how cybersecurity will scale” to meet emerging threats to the nation’s cyber infrastructure, Chenok said.

Related coverage:

NIST guide tackles security challenges of public cloud computing

NIST's how-to on securing virtual machines

The Administration’s total request for NIST is $100 billion divided into three appropriations -- Scientific and Technical Research and Services, $678.9 million; Industrial Technology Services, $237.6 million; and Construction of Research Facilities, $84.6 million.

  • Ensuring a secure cyber infrastructure falls under the Scientific and Technical Research and Services category. As a result, the $43.4 million would be distributed in three areas:
  • Scalable Cybersecurity for Emerging Technologies and Threats, $14.9 million. The focus is on improving security techniques, supporting the creation of security standards, increase interoperability of security technologies and speed up the adoption of emerging technologies. 
  • National Program Office for the National Strategy for Trusted Identities in Cyberspace (NSTIC) and the NSTIC Grant Program, $24.5 million. The focus is on coordinating the execution and implementation of a national strategy to improve both the privacy and the security of sensitive online transactions. Also, NSTIC would provide $17.5 million in grants and other funding programs for pilot projects of trusted authentication systems for government services, e-commerce, and health IT.
  • National Initiative for Cybersecurity Education, $4 million. The goal is to expand this program from one that trains the federal workforce to a larger national education program focused on identifying gaps in cybersecurity education and developing metrics to determine the effectiveness of cyber training efforts.
Funding for the National Program Office and grant program would support activity around how people identify themselves online and ensure that they are protected when they conduct business online, said Chenok. Efforts to boost cybersecurity education will extend beyond government and contractors to ensure that the general public is aware of proper norms of behavior they can learn to better secure their online activities.

Concerning support from Congress, he said, “Congress is also very interested in and supportive of cybersecurity initiatives. You see a lot of interest on the [Capitol] Hill around potential legislation this year,” he said.

The growing concern for protecting the nation’s cyber infrastructure will be taken into consideration when Congress deals with resource spending in the fiscal 2012 budget, he said.

About the Author

Rutrell Yasin is is a freelance technology writer for GCN.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.


  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above