How much do the Feds spend on cybersecurity?

Although the government wants every IT department to keep a close eye on how much it is spending, it's pretty surprising that the Office of Management and Budget does not know how much its departments and agencies spend on IT security.

Federal CIO Vivek Kundra told a Senate panel last week that he was shocked to learn that the OMB never collects specific IT security expenditures, just aggregated data. The lack of this information hinders OMB from effectively assessing how one agency compares against another in securing IT assets, he said.

Kundra testified before the Senate Homeland Security and Governmental Affairs Committee's Subcommittee on Federal Financial Management, Government Information, Federal Services and International Security. The lack of information shocked Sen. Tom Carper (D-Del.), chairman of the committee, too. He put the amount at $40 billion spent since 2002 when the Federal Information Security Management Act (FISMA) became law.

"Federal agencies have spent more on cybersecurity that the entire gross domestic product of North Korea, who some have speculated is to be involved with some of these cyber attacks. That is simply unacceptable," Carper said.

For more on cybersecurity spending:
- see this govinfosecurity.com article

Related Articles:
Five lessons from the big hack attack
Obama's budget shifts IT spending