With malicious hacking and other cyber threats on the rise, Taxpayers for Common Sense recently turned our attention to how much the federal government spends to keep us safe from cyber threats and where it spends that money.
Our analysts spent two years reviewing hundreds of thousands of pages of federal budget documents in an attempt to answer those questions.
When it comes to cyber spending, of this much we are sure: The federal government spends a boatload of money. How many billions Taxpayers can’t say for sure given the government’s propensity to fold cyber spending into overall programs, without a detailed breakdown.
In fact, the Committee on Appropriations of the U.S. House of Representatives recently complained about the lack of clarity in government budget documents on one small piece of cyber spending, cyberspace. The Committee had this to say:
“While the Service and defense-wide budget justification material, as well as the Department of Defense classified cyberspace activities information technology investments budget justification materials, provide some level of detail, much of the funding is encompassed within larger programs and funding lines, which limits visibility and congressional oversight of requested funding for cyberspace activities specifically.” Congress goes on to direct the Department of Defense Chief Information Officer to modify exhibits relating to cyberspace activities.
So, given that one of the most powerful Congressional committees in Washington has trouble getting clarity on cyberspace spending, we believe this research comes at just the right time.
We settled on providing the best picture we could develop from extensive research of government programs. Taxpayers created this database to give the public insight—sometimes penetrating, sometimes not, depending on available government data we could scrub—of what individual federal agencies spend to protect its many cyber secrets.
This database presents information on unclassified federal cyber spending from Fiscal Year 2007 to Fiscal Year 2016. Dollar figures are actual numbers through 2015. Fiscal year 2016 numbers are estimates included with President Obama’s Fiscal Year 2017 budget request. All figures are in thousands of dollars, and are in current dollars (not adjusted for inflation).
Taxpayers searched publicly available federal budget submissions to Congress and budget justification documents to identify programs included in this database. Our researchers analyzed those documents to identify individual budget lines that contain programs that the government acknowledges relate to cyber spending. In cases where budget documents were not available in a searchable format, we relied on congressional bills and reports for dollar figures.
We reviewed only public documents. We did not seek out nor did we review any classified or “Sensitive but Unclassified” documents.
Our review of all the Presidential Budget Request documents identified lines that indicated that the work included cyber funding. We know of no way, using only public documents, to determine precisely how much of that money is direct cyber spending. If we had included only programs with “cyber” in their title, we would have identified only a fraction of the hundreds of lines in this database. Instead, we looked for every instance in which “cyber” is mentioned in the explanatory documentation, or when it was reasonable to infer that such spending would have a significant impact on promoting cyber security.
Check out our data visualization tool. Compare spending across agencies and, within agencies, by comparing the sub-agencies. You can create your own charts and share them on social media. Please read our methodology before you start. (Yes, we know, boooooring!) The methodology gives you important context into how we developed the numbers.
So for all you budget wonks out there: dig in. We read the bills…and reports…and requests…and budget justifications, so you don’t have to!