April 17, 2023
DOD’s FY24 Cyber Budget
Top leadership in the Department of Defense (DOD) often characterize the challenge with our potential adversaries China and Russia as both a pacing challenge and an acute threat. In no warfighting domain do we see this more clearly than in cyberspace. While China uses its cyber capabilities to steal from the United States, and understands that cyber dominance enables strategic dominance, Russia is actively using cyber operation in the Ukraine to disrupt command and control of Ukrainian forces. In addition, North Korea, Iran, and transnational criminals pose constant cyber threats to the US homeland and US interests.
The President’s FY24 Budget for DOD cyberspace activities is $13.5 billion, a $1.8 billion (15.4%) increase over the FY23 level adopted in December. Of the proposed FY24 total, $7.4 billion is marked for cyberspace operations with $3 billion of that for US Cyber Command (CYBERCOM). Highlights include an additional five Cyber Mission Force teams (bringing the total number of teams to 147) and increased cybersecurity support to the defense industrial base with the Cybersecurity Maturity Model Certification program. DOD also shifts budget authority for the Joint Cyber Mission Force to CYBERCOM. The budget prioritizes next-gen encryption solutions development and integration advances and operationalizes the Zero Trust framework.
Section 1507 of the FY22 National Defense Authorization Act (NDAA) contained Enhanced Budget Controls Initiative language allowing budget authority transfers from the services to CYBERCOM. This initiative provides CYBERCOM direct control and management of planning, programming, budgeting, and execution of resources necessary to maintain the cyber mission force. Specifically, the responsibilities assigned to CYBERCOM are the preparation of a program objective memorandum (POM) and budget estimate submission for resources required to train, equip, operate, and sustain the Cyber Mission Forces. In FY24, funding for major acquisition programs that were directed by the services on behalf of CYBERCOM shift to CYBERCOM.
Biden’s FY24 Budget includes the first CYBERCOM spending plan with full budget authority for the Cyber Mission Force. CYBERCOM does not publish an overall topline for these activities (other than the Department’s $13.5 billion total which includes CYBERCOM). This is likely due to national security reasons. CYBERCOM’s operation and maintenance budget request is $1.7 billion of which $332.5 million is for headquarters operations, its procurement budget request is $129 million, and its research, development, test, and evaluation (RDT&E) budget request is $1.1 billion.
The Army’s Operation and Maintenance Operating Forces request for Cyber Activities is $1.26 billion which is slightly below the enacted level of $1.37 billion. The Army requests $439 million for Zero Trust implementation including the enhancement of Zero Trust architecture through endpoint security and the deployment of Identity, Credential, Access Management (ICAM) to support Joint All-Domain Command and Control (JADC2). The Army also requests $95 million for defensive cyber operation tools. To support cyber infrastructure, the Army requests $163 million for the Cyber Instructional Classroom Facility at Fort Gordon.
The Navy’s FY24 cyber request highlights include:
- $314.8 million for information systems security,
- $149.6 million for information assurance,
- $80 million for risk management framework,
- $47.5 million for long haul cybersecurity network operations,
- $45.8 million for computer network defense, and
- $29 million for joint information
Although public Air Force FY24 budget data is not yet available. DOD’s O&M spreadsheet includes $1.1 billion for that category, a drop from the $1.7 billion in FY23. Most of that decrease is the above-referenced $501 million shift to U.S. CYBERCOM. The request by the Air Force should also appear in DOD’s overall IT and Cyberspace budget request, but those documents have not yet been published either.
In a March 30 hearing before the House Armed Services subcommittee on Cyber, Information Technology, and Innovations, General Paul Nakasone, Commander of CYBERCOM and Director of the National Security Agency (NSA) was asked whether he thought the cyber domain should be provided its own service to be consistent with the other warfighting domains (air, land, sea, space). He replied that CYBERCOM is modeled after US Special Operations Command (SOCOM) which is not run by a specific service. Representative Fallon (R-TX) commented that space had been made its own service and noted that DOD was requesting funding that equates to less than 2% of its budget for cyberspace. The implication being there is a mismatch between resources and rhetoric regarding the importance of the cyber domain to the warfighter. Immediately after this hearing, there was a closed session that presumably looked further into the classified cyber budget.
Chairman Mike Gallagher (R-WI) asked for an assessment of the value of creating a cyber force as a service as part of the Cyber Posture Review. The latest review was silent on that subject. Chairman Gallagher also served as the Co-Chair of the Cyberspace Solarium Commission with inserted recommendations into the FY21 NDAA. Section 1706 of that bill calls for a cyber force structure assessment as part of the Cyber Posture Review.
As action on the FY24 authorization and appropriations bills unfold, expect continued interest in boosting cyber capabilities and budgets by the congressional defense committees and continued questions about the dynamic threat environment and the Pentagon’s response.