美国政府网络犯罪行业市场前景及投资研究报告-培训课件外文版2024.6

DIGITAL

&

TRENDSU.S.governmentandcybercrimeCHAPTER

01CyberattacksNumberofcyberincidentswithapoliticaldimensioninitiatedagainsttheUnitedStatesin2023,byattackcharacteristicNumberofpoliticalcyberattackslaunchedagainstU.S.2023,byattackcharacteristicNumberofcyberattacks020406080100120140Attackoncriticalinfrastructuretarget(s)Non-politicizedattackonpoliticaltarget(s)Attackconductedbynon-stateactorswithpoliticalgoalsAttackconductedbyastate-affiliatedgroupPoliticizedattackonpoliticaltarget(s)122721174Politicizedattackonnon-politicaltarget(s)Attackconductedbyanationstate213Description:In2023,globalcyberthreatactorslaunchedatotalof191cyberattackswithapoliticaldimensionagainsttheUnitedStates.Theattacksoncriticalinfrastructuretargetswerethemostfrequent,with122incidentsoverall.Furthermore,72cyberincidentswerecharacterizedasnon-politicizedattacksonpoliticaltargets.ReadmoreNote(s):Worldwide,UnitedStates;2023Source(s):SWPLargestcyberattacksonU.S.governmententitiesasofSeptember2023CyberattacksonU.S.government2023Name

and

date

ofthe

attackResult

ofthe

attackOfficeofPersonnelManagement(OPM)Breach(2015)SolarWindsSupplyChainAttack(2020)DemocraticNationalCommittee(DNC)Hack(2016)WannaCryRansomwareAttack(2017)Pentagoncyberattack(2023)22millioncurrentandformerfederalemployeesCompromiseofvariousgovernmentnetworksCompromiseofsensitiveinformationanddocumentsEncryptionofusers’files,demandingransompaymentCompromiseof632,000employeee-mailaddressesTargetingthelargestfuelpipelineintheU.S.ColonialPipelineRansomwareAttack(2021)4Description:AsofSeptember2023,themostsignificantcyberattackonU.S.governmententities,intermsofnumberofpeopleinvolved,wasthe2015databreachincidentattheOfficeofPersonnelManagement(OPM).AnothermassivecyberattackwastheSolarWindssupplychainattackin2020.TheattackersgainedaccesstogovernmentnetworksthroughanITmanagementsoftwarevendor.ReadmoreNote(s):UnitedStates;September2023Source(s):Forbes;SecurityScoreCard;VarioussourcesNumberofcybersecurityincidentreportsbyfederalagenciesintheUnitedStatesfromFY2006to2022AnnualnumberofcyberincidentstargetingU.S.federalagencies2006-202290,00080,00070,00077,18367,16861,21460,00050,00040,00030,00020,00010,000048,56242,85441,77635,27732,50930,8992016*31,10730,81930,65929,99928,581201916,843200811,91120075,50320062009201020112012201320142015201720182020202120225Description:Inthefiscalyear2022,thenumberofcybersecurityincidentreportsbyfederalagenciesintheUnitedStateswasover30thousand,aroundfivepercentdecreasefromthepreviousyear.ThisnumberincludesreportingsbybothCFOandnon-CFOActagencies.ReadmoreNote(s):UnitedStates;Fiscalyear2006to2022;CFOActagenciesandnon-CFOActagencies;*Thedecreaseinthenumberofcyberincidentsreportedinfiscalyear2016waslikelyaresultofthechangeinfederalincidentreportingguidelines.For[...]

ReadmoreSource(s):USOfficeofManagementandBudgetNumberofreportedcyberattacksagainsttheU.S.governmentinFY2022,byattackvectorandgovernmentagenciesU.S.governmentagencies:numberofcybersecurityincidents2022,byattackvectorCFONon-CFOGovernment-wideAttrition1902991467191197301047E-mail/phishingExternal/removablemediaImpersonation/spoofingImproperusageLossortheftofequipmentWeb35035102801708244511971173187788104671786245312489175Other/unknownMultipleattackvectorsTotal518229839820306596Description:Inthefiscalyear2022,theU.S.governmentencountered3,010e-mailorphishingattacks.ThemajorityoftheseattackstargetedCFOactagencies.Attacksthatoccurredduetoaviolationofanorganization'sacceptableusagebyanauthorizeduser,excludingmentionedcategories,amountedtoover10,000cases.ReadmoreNote(s):UnitedStates;FY2022;agency-reportedincidents;US-CERTincidentsSource(s):USOfficeofManagementandBudgetCHAPTER

02DatabreachesMostsignificantcasesofdatabreachworldwideasofJanuary2024(inmillions),bynumberofcompromiseddatarecordsandindividualsimpactedAll-timebiggestonlinedatabreaches2024Number

ofimpacted

users

and

breached

recordsCam4DataBreach(Mar2020)10.88bnrecords3bnacounts1.1bnpeople1.1bnusersYahooDataBreach(2017)*AadhaarDataBreach(Mar2018)AlibabaDataBreach(Jul2022)FirstAmericanFinancialCorporationDataBreach(May2019)Verifications.ioDataBreach(Feb2019)LinkedInDataBreach(Jun2021)885musers763musers700musersFacebookDataBreach(Apr2019)YahooDataBreach(2014)533musers500maccounts500mguests412.2maccounts360maccounts340mpeopleStarwood(Marriott)DataBreach(Nov2018)AdultFriendFinderDataBreach(Oct2016)MySpaceDataBreach(Jun2013)ExactisDataBreach(Jun2018)8Description:ThelargestreporteddataleakageasofJanuary2024wastheCam4databreachinMarch2020,whichexposedmorethan10billiondatarecords.Thesecond-largestdatabreachinhistorysofar,theYahoodatabreach,occurredin2013.Thecompanyinitiallyreportedaboutonebillionexposeddatarecords,butafteraninvestigation,thecompanyupdatedthenumber,revealingthatthreebillionaccountswereaffected.ThenextsignificantdataleakagewastheMarch2018security[...]ReadmoreNote(s):Worldwide;January2024;basedonnumberofrecordslost;*YahooDataBreachhappenedin2013butonlydisclosedin2017.Thenumberofrecordsstolenwasoriginallythoughttobemuchsmaller.Yahoorevealedtherealnumbersin[...]

ReadmoreSource(s):UpGuardAnnualnumberofdatacompromisesandindividualsimpactedintheUnitedStatesfrom2005to2023NumberofdatacompromisesandimpactedindividualsinU.S.2005-2023DatacompromisesNumberofrecordsexposedinmillionsIndividualsimpactedinmillions3,5003,0002,5002,0001,5001,0005003,2052,541.072,227.851,825.411,8621,8021,5061,2791,1751,09936.61,108883.56783785656662614498471.23446447419422.14353.02321318.28310.12

298.08222.519815766.9169.1164.68127.791.98

85.6119.135.716.222.917.302005

2006

2007

2008

2009

2010

2011

2012

2013

2014

2015

2016

2017

2018

2019

2020

2021*

2022

20239Description:In2023,thenumberofdatacompromisesintheUnitedStatesstoodat3,205cases.Meanwhile,over353millionindividualswereaffectedinthesameyearbydatacompromises,includingdatabreaches,leakage,andexposure.Whilethesearethreedifferentevents,theyhaveonethingincommon.Asaresultofallthreeincidents,thesensitivedataisaccessedbyanunauthorizedthreatactor.ReadmoreNote(s):UnitedStates;2005to2023;datacompromisesincludedatabreaches,dataexposures,anddataleaks;individualsimpactedmaygobeyondtheUnitedStates;*Since2021,the"Numberofrecordsexposed"islistedas"Numberof[...]

ReadmoreSource(s):IdentityTheftResourceCenterNumberofcasesofdataviolationduetocyberattacksintheUnitedStatesfrom2020to2023,byindustryPrivatedataviolationincidentsintheU.S.2020-2023,byindustry2020306138702021330279222184125792022343269249223100872023809HealthcareFinancialservicesManufacturingandutilitiesProfessionalservicesEducation7441444230817316710010511910145Technology67GovernmentNon-profit/NGORetail476674318672531024465TransportationHospitality2136173334Unknown41Other1723082508110Description:In2023,thehealthcareindustryintheUnitedStatesremainedthemosttargetedbycyberattacks,resultingindatacompromises.Comparedto2022,thenumberofdatacompromiseincidentsintheU.S.healthcareindustryincreasedmorethantwice.Thefinancialservicessectorrankedsecond,with744datacompromiseincidents,representingasignificantincrease,too.ReadmoreNote(s):UnitedStates;2020to2023Source(s):IdentityTheftResourceCenterNumberofvictimsofdataviolationincidentsintheUnitedStatesfrom2022to2023,byindustry(inmillions)PrivatedataviolationincidentvictimsintheU.S.2022-2023,byindustry202220233537365615630151210106Total425UtilitiesTechnologyFinancialservicesHealthcare24927286ProfessionalservicesGovernmentTransportationNon-profit/NGORetail24179870242HospitalityManufacturingEducation5411Description:In2023,theutilitiesindustryintheUnitedStatessawthemostsignificantnumberofvictimsofdatacompromisecases,witharound73millionindividualsimpacted.Technologyrankedsecond,with65millionvictims.Overall,353millionpeopleintheUnitedStateswereaffectedbydatacompromiseincidents.ReadmoreNote(s):UnitedStates;2022to2023Source(s):IdentityTheftResourceCenterLargestdatabreachesinvolvingU.S.governmententitiesfromJanuary2014toNovember2023,bythenumberofrecordsaffected(inmillions)DatabreachesonU.S.government2014-2023,bynumberofaffectedrecordsNumberofaffectedrecordsinmillions010203040506070TheUSPostalService(2018)TheOfficeofPersonnelManagement(2015)CaliforniaSecretaryofState(2017)6021.519.2GovernmentPaymentService,Inc.(2018)GeorgiaSecretaryofState(2015)14612Description:BetweenJanuary2014andNovember2023,themostsignificantdatabreachincidentinvolvingtheU.S.governmentwasthe2018breachattheU.S.PostalService.Theincidentcompromised60millionrecords.DuringthedatabreachincidentattheOfficeofPersonnelManagementin2015,21.5milliondatarecordswereaffected.ReadmoreNote(s):UnitedStates;January2014toNovember2023Source(s):ComparitechNumberofdatabreachincidentsaffectingU.S.governmentorganizationsfromJanuary2023toNovember2023,bystateNumberofU.S.governmentdatabreachincidents2023,bystateNumberofdatabreachincidents024681012141618CaliforniaTexas168Florida7MassachusettsNewYorkIllinoisOhioPennsylvaniaVirginia665555OregonGeorgiaMarylandDistrictofColumbia444413Description:BetweenJanuaryandNovember2023,CaliforniawastheU.S.statewiththehighestnumberofreporteddatabreachincidentstargetingthegovernment.Inthemeasuredperiod,thegovernmentagenciessaw16casesofdatabreaches.Texasrankedsecond,witheightincidents.Overall,137casesofgovernmentdatabreacheswererecordedintheUnitedStates.ReadmoreNote(s):UnitedStates;JanuarytoNovember2023;databreachesthathaveoccurredwithinfederal,state,county,andcitygovernmentandmilitarydepartmentsSource(s):ComparitechDistributionofU.S.governmententitiesexperiencingdatabreachincidentsfromJanuary2018toNovember2023,bytypeU.S.governmententitiesdatabreachencounter2018-2023,bytype35%30%30%24%25%20%15%10%5%17%14%8%8%0%CityCountyLawenforcementTownDepartmentofHealthOthercategories14Description:BetweenJanuary18andNovember2023,aquarterofdatabreachincidentsintheUnitedStatesgovernmenthappenedatcityadministrationoffices.Afurther17percentoftheincidentsinvolvedcounties,whilelawenforcementagenciesencountered14percentofthedatabreaches.ReadmoreNote(s):UnitedStates;January2018toNovember2023Source(s):ComparitechNumberofrecordsexposedinonlinedatabreachesintheUnitedStatesfrom1stquarter2020to4thquarter2023(inmillions)U.S.numberofdatasetsaffectedindatabreachesQ12020-Q42023120100806040200114.0586.4775.537250.6350.2339.631.7515.368.498.16.976.745.032.392.32Q12020

Q22020

Q32020

Q42020

Q12021

Q22021

Q32021

Q42021

Q12022

Q22022

Q32022

Q42022

Q12023

Q22023

Q32023

Q4202315Description:Betweenthefirstquarterof2020andthefourthquarterof2023,thenumberofrecordsexposedindatabreachesintheUnitedStatesdecreasedsignificantly.Inthemostrecentmeasuredperiod,over31millionrecordswerereportedasleaked,upfromaroundeightmillioninthepreviousquarter.ReadmoreNote(s):UnitedStates;Q12020toQ42023Source(s):SurfSharkCHAPTER

03SecuritygovernanceShareofU.S.stateswithacybersecuritybudgetlineitemaccordingtostatechiefinformationsecurityofficers(CISOs)in2022U.S.stateswithacybersecuritybudgetlineitem2022Shareofrespondents0%5%10%15%20%25%30%35%40%45%50%YES-establishedbysecretaryorCIOYES-establishedbystatuteorlaw15%21%YES-establishedbyexecutive(governor's)orderYES-establishedbyadministrativerule,regulation,orprocedureNo,aspartoftheoverallITbudget4%10%46%Notapplicable/donotknow2%2%Other17Description:Asof2022,21percentofU.S.stateshadacybersecuritybudgetthatwasestablishedbystatuteorlaw.Atotalof46percentofstateshadnoseparatecybersecuritybudgetlineitemasitwaspartoftheoverallITbudget.

ReadmoreNote(s):UnitedStates;2022;50respondents;statechiefinformationsecurityofficers(CISOs)Source(s):Deloitte;NASCIOCurrentstatusofU.S.statescyberlegislationsorstatutesaccordingtostatechiefinformationsecurityofficers(CISOs)in2022,bycybersecurityprovisionU.S.currentstatusofstatecyberlegislations&statutes2022Legislation/statuteestablishedandfundedLegislation/statuteinprogressLegislation/statuteestablishedandnotfundedLegislation/statutenotinplace70%60%50%40%30%20%10%0%65%60%56%46%44%44%42%25%23%23%13%13%12%8%8%6%4%4%2%2%RoleandauthorityoftheenterpriseCISOorequivalent

programandframeworkforenterpriseriskmanagementState-levelcybersecurityCyberthreatinformationsharingprogrambetweenstateagencies,lawenforcement,andprivateentitiesCybersecurityworkforcedevelopmentandtrainingCybersecuritylegislativecouncilorequivaelnttodoaperiodicreviewandsteerthestate'scybersecurityposture,andallocatefunding18Description:A2022surveyofStateChiefInformationSecurityOfficersintheUnitedStatesfoundthatthestates'biggestcybersecuritychallengewasthelegacyinfrastructureandsolutionstosupportemergingthreats.Shortageofcybersecurityprofessionalsfollowedcloselyasoneofthemainchallenges,asperstateCISOs.ReadmoreNote(s):UnitedStates;2022;Statechiefinformationsecurityofficers(CISOs)of50statesandthreeterritoriesSource(s):Deloitte;NASCIOMostcommoncybersecuritychallengesofU.S.statesaccordingtostatechiefinformationsecurityofficers(CISOs)in2022LeadingbarrierstoaneffectivestatecyberprogramintheU.S.2022Shareofrespondents0%10%20%30%40%50%60%LegacyinfrastructureandsolutionstosupportemergingthreatsInadequateavailabilityofcybersecurityprofessionalsInadequatecybersecuritystaffing52%50%46%DecentralizedITandsecurityinfrastructureandoperationsIncreasingsophisticationofthreats38%29%19Description:A2022surveyofStateChiefInformationSecurityOfficersfoundthatthestates'biggestcybersecuritychallengewasthelegacyinfrastructureandsolutionstosupportemergingthreats.Shortageofcybersecurityprofessionalsfollowedcloselyasoneofthemainchallenges,asperstateCISOs.ReadmoreNote(s):UnitedStates;2022;statechiefinformationsecurityofficers(CISOs)Source(s):Deloitte;NASCIODegreeofadoptionofsecurityawarenessservicesbypublicinstitutionsintheUnitedStatesin2022U.S.publicinstitutionsadoptionlevelofsecurityawarenessservices2022Shareofrespondents543210%10%20%19%30%40%50%60%70%67%80%StateagenciesLocalgovernments6%6%2%8%8%21%19%10%8%8%Publichighereducation10%12%12%20Description:A2022surveyofStateChiefInformationSecurityOfficers(CISOs)intheUnitedStatesfoundthat67percentofstateagencieshadadoptedsecurityawarenessservicesofferedbystateCISOsonthehighestlevel.Meanwhile,19percentoflocalgovernmententitiespresentedthelowestlevelofadoptionofsecurityawarenessservices.ReadmoreNote(s):UnitedStates;2022;Statechiefinformationsecurityofficers(CISOs)of50statesandthreeterritories;1-leastadopted,5-mostadoptedSource(s):Deloitte;NASCIODegreeofadoptionofincidentresponseservicesbypublicinstitutionsintheUnitedStatesin2022U.S.publicinstitutionsadoptionlevelofincidentresponseservices2022ShareofinstitutionsPublichighereducation

Localgovernments30%Stateagencies40%0%10%20%19%50%60%1234515%2%12%17%17%6%6%15%15%12%12%23%2%54%21Description:A2022surveyofStateChiefInformationSecurityOfficers(CISOs)intheUnitedStatesfoundthat54percentofstateagencieshadadoptedincidentresponseservicesofferedbystateCISOsonthehighestlevel.Meanwhile,19percentofpublichighereducationinstitutionspresentedthelowestlevelofadoptionofincidentresponseservices.ReadmoreNote(s):UnitedStates;2022;Statechiefinformationsecurityofficers(CISOs)of50statesandthreeterritories;1-leastadopted,5-mostadoptedSource(s):Deloitte;NASCIODegreeofeffectivenessofcybersecurityregulationsaccordingtostateCISOsintheUnitedStatesin2022U.S.cybersecurityregulationseffectivenessperstateCISOs2022Effectiveness

degree

(1

-

least

effective,5

-

mosteffective)State

regulations/legislationwith

commitment

forfundingState

regulations/legislationwithout

commitment

forfundingFederalregulations

withcommitment

for

fundingFederalregulations

withoutcommitment

for

funding1(leasteffective)10%4%25%21%31%13%4%10%15%23%33%15%27%27%29%12%2%2323%29%35%45(mosteffective)22Description:A2022surveyofStateChiefInformationSecurityOfficers(CISOs)intheUnitedStatesfoundthatstate-levelprivacyregulationswithcommitmenttofundingweremorelikelytoimprovethestate'scybersecuritypostureandreducerisk.Roughly35percentofstateCISOssaidsuchregulationsweremosteffective.Inthecaseofthefederalcybersecurityregulationswithfunding,only15percentthoughttheyweremosteffective.ReadmoreNote(s):UnitedStates;2022;Statechiefinformationsecurityofficers(CISOs)of50statesandthreeterritories;1-leasteffective,5-mosteffectiveSource(s):Deloitte;NASCIOShareofU.S.governmentagenciesimplementingeffectiveinformationsecurityprogramsfromFY2017toFY2022U.S.governmentagencieseffectiveinformationsecurityprogramsFY2017-202270%64%61%60%60%54%51%48%50%40%30%20%10%0%FY2017FY2018FY2019FY2020FY2021FY202223Description:Asoffiscalyear2022,theinformationsecurityprogramsimplementedby61percentofU.S.governmentCFOandNon-CFOActagencieswereratedasoverall"effective,"downfrom64percentofagenciesinfiscalyear2021.Overall,theshareofU.S.governmentagencieswithsufficientinformationsecurityprogramsimplementedhasincreasedsincefiscalyear2017.ReadmoreNote(s):UnitedStates;FY2017toFY2022;CFOActagenciesandNon-CFOActagencies;effectivenessdeterminedbyagencies'inspectorgenerals(IG)Source(s):USOfficeofManagementandBudgetShareofU.S.governmentagenciescomplyingwithprivacyrequirementsandmanagingprivacyrisksasoffiscalyear2022,byagencytypeShareofU.S.governmentagenciescomplyingwithprivacyrequirementsFY2022,bytypeShareofagenciesNon-CFO0CFO102030405060708090881001109896Theagencyensuresthattheagency’sprivacyworkforcehastheappropriateknowledgeandskill94Theagencyhasassesseditshiring,training,andprofessionaldevelopmentneedswithrespecttoprivacyduringthereportingperiod7675Theagencyhasdevelopedaworkforceplanningprocesstoensurethatitaccountsforprivacyworkforceneeds79Theagencyhasdevelopedasetofcompetencyrequirementsforprivacystaff,includingprogrammanagersandprivacyleadershippositions7524Description:Asoffiscalyear2022,96percentofU.S.CFOand98percentofNon-CFOActagenciesintheUnitedStatesensuredtheirprivacyworkforcehadtheappropriateknowledgeandskill.Furthermore,88percentofCFOand94percentofNon-CFOActagenciesassessedtheirhiring,training,andprofessionaldevelopmentneedsconcerningprivacy.ReadmoreNote(s):UnitedStates;FY2022;CFOActagenciesandNon-CFOActagenciesSource(s):USOfficeofManagementandBudgetChallengesinestablishingcybercrimemetricsforUnitedStatesgovernmentagenciesasofJune2023U.S.governmentagencieschallengesestablishingcybercrimemetrics2023Numberofagencies0123456789DifficultyinmeasuringcybercrimeLackofashareddefinition87Distinguihsingcybercrimeandcyber-enabledcrimeCoordinationamonglawenforcement6425/statistics/1455461/us-gov-agencies-cybercrime-metrics-challengesAsofJune2023,eightof12selectedU.S.governmentagencieshaddifficultiesmeasuringcybercrime.Thelackofashareddefinitionandthedistinctionbetweencybercrimeandcyber-relatedcrimewerealsocommonchallengesforgovernmentagencies.ReadmoreNote(s):UnitedStates;June2023;12governmentagenciesSource(s):GAOCHAPTER

04ITandcybersecurityspendingEstimatedcybersecurityspendingoftheU.S.governmentonCFOActandnon-CFOActagenciesfromFY2018toFY2024(inmillionU.S.dollars)U.S.cybersecurityspendingonCFOActandnon-CFOActagenciesFY2018-FY2024DepartmentofDefenseCFOActAgencies(excludingDoD)Non-CFOActAgencies14,00012,00010,0008,0006,0004,0002,0000201820192020202120222023202427Description:Inthefiscalyear2024,theUnitedStatesgovernment'sestimatedannualciviliancybersecurityspendingontheCFOActandnon-CFOActagencieswas12,170and548.5millionU.S.dollars,respectively.Sincethefiscalyear2022,theestimatedcybersecurityspendingfortheDepartmentofDefensewasnotreported.ReadmoreNote(s):UnitedStates;FY2018toFY2024;*Estimate,**BudgetTheFederalInformationSecurityManagementAct(FISMA)isUnitedStateslegislationthatdefinesacomprehensiveframeworktoprotectgovernmentinformation,operationsand[...]ReadmoreSource(s):USOfficeofManagementandBudgetCybersecurityspendingoftheU.S.governmentonselectedgovernmentdepartmentsinFY2023(inmillionU.S.dollars)U.S.governmentcybersecurityspendingonselecteddepartmentsFY2023SpendinginmillionU.S.dollars05001,0001,5002,0002,5003,0003,500DepartmentofAgricultureDepartmentofCommerceDepartmentofEducation239217478DepartmentofEnergy788813DepartmentofHealth&HumanServicesDepartmentofHomelandSecurityDepartmentofHousing&UrbanDevelopmentDepartmentofJustice2,920741,174DepartmentofLabor96DepartmentofState570DepartmentoftheInterior164DepartmentoftheTreasuryDepartmentofTransportation96341428Description:Inthefiscalyear2023,civiliancybersecurityspendingoftheU.S.DepartmentofHomelandSecurityamountedtoaroundthreebillionU.S.dollars.TheDepartmentofJusticespentabout1.3billionU.S.dollarsonrelevantcybersecurityinvestments.ThetotalcivilianCFOAgencycyber(excludingtheDepartmentofDefense)securityspendingamountedto10.7billionU.S.dollars.ReadmoreNote(s):UnitedStates;FY2023;CFOActagencies,excludingtheDepartmentofDefenseSource(s):USOfficeofManagementandBudgetProposedspendingbytheU.S.federalgovernmentoncybersecurityforselectedgovernmentagenciesfromFY2022toFY2024(inmillionU.S.dollars)U.S.federalgovernmentproposedcybersecurityspendingFY2022-2024202226944219478569525785220232394782177888132920742024248427313928947309788DepartmentofAgricultureDepartmentofCommerceDepartmentofEducationDepartmentofEnergyDepartmentofHealth&HumanServicesDepartmentofHomelandSecurityDepartmentofHousing&UrbanDevelopmentDepartmentofJustice9578211749613531247481921042443DepartmentofLaborDepartmentofState565145749358570164963414DepartmentoftheInteriorDepartmentoftheTreasuryDepartmentofTransportation29Description:Forthefiscalyear2024,theestimatedcybersecurityspendingoftheDepartmentofHomelandSecurity(DHS)wasmorethanthreebillionU.S.dollars,makingitthelargestbudgetamongtheCFOactgovernmentagencies,excludingtheDepartmentofDefense.ThecybersecurityspendingoftheDepartmentofDefense(DoD)wasnotreportedsincethefiscalyear2022.OverallcybersecurityspendingintheUnitedStatesisprojectedtoincreasein2023withthetotalestimatedagency[...]

ReadmoreNote(s):UnitedStates;FY2022toFY2024;CFOActagencies;*EstimatedTheFederalInformationSecurityManagementAct(FISMA)isUnitedStateslegislationthatdefinesacomprehensiveframeworktoprotectgovernmentinformation,[...]ReadmoreSource(s):USOfficeofManagementandBudgetEstimatedbudgetoftheU.S.governmentforcybersecurityinFY2017to2024(inbillionU.S.dollars)U.S.government:estimatedcybersecurityspendinginFY2017-2024252019.1118.7916.9414.981510513.1512.7211.198.640FY2017ActualFY2018ActualFY2019ActualFY2020ActualFY2021ActualFY2022ActualFY2023ActualFY2024Estimate30Description:Forthefiscalyear2024,thegovernmentoftheUnitedStatesproposeda12.72billionU.S.dollarbudgetforcybersecurity,representinganincreasefromthepreviousfiscalyear.Thesefederalresourcesforcybersecurityaresettosupportabroad-basedcybersecuritystrategyforsecuringthegovernmentandenhancingthesecurityofcriticalinfrastructureandessentialtechnologies.ReadmoreNote(s):UnitedStates;FY2017toFY2024;CFOActandnon-CFOActagencies,excludingtheDepartmentofDefensefrom2021onwardsSource(s):USCongressionalBudgetOffice;USOfficeofManagementandBudgetFederalgovernmentinformationtechnology(IT)budgetintheUnitedStatesfromFY2017toFY2024,bydepartment(inmillionU.S.dollars)U.S.President'sfederalgovernmentITbudget2017-2024,bydepartment20173029743941205064804333