OMB Focuses on Cybersecurity for Agency FY 2025 Budget Requests

Nonfederal entities skilled in technology will be highly sought out to help do their part to protect the federal government’s cybersecurity efforts. The Office of Management and Budget (OMB) recently issued OMB Memorandum M-23-18, which discusses the Biden Administration’s cross-agency cybersecurity investment priorities for formulating the federal fiscal year (FY) 2025 budget. Further guidance on cybersecurity research and development priorities will be released in a separate memorandum.
Consistent with the National Cybersecurity Strategy, federal departments and agencies are being requested to prioritize five cybersecurity effort areas: (1) defend critical infrastructure; (2) disrupt and dismantle threat actors; (3) shape market forces to drive security and resilience; (4) invest in a resilient future; and (5) forge international partnerships to pursue shared goals. OMB and the Office of the National Cyber Director will jointly review agency responses to these priorities in the FY 2025 budget submissions, identify potential gaps and identify potential solutions to those gaps.
Within the third goal of "shaping market forces to drive security and resilience," OMB urges agencies to leverage grants and other incentives to build in security. The memorandum notes through that programs funded by the Infrastructure Investment and Jobs Act (Pub. L. 117-58), the Inflation Reduction Act (Pub. L. 117-169), and the Chips and Science Act (Pub. L. 117-167), the federal government is supporting a digital ecosystem. OMB urges departments and agencies to ensure that federal funding programs for critical infrastructure are “designed, developed, fielded and maintained with cybersecurity resilience in mind.”
It adds that agency budget submissions should demonstrate how the agency supports efforts to secure this infrastructure from cyber threats through:
- support for project review, fiscal compliance and assessment to address cybersecurity threats and the development of cybersecurity performance standards for infrastructure investments where existing standards require refinement; and
- encouraging the implementation of joint efforts across agencies to provide technical support to projects throughout the design and build phases.
Cyber threats are all around us, so we agree that this is a worthwhile strategy.
Join us for our following Thompson Grants events:
Thompson Grants Workshop: Indirect Costs | July 25, 2023 | Virtual Event
Federal Grants Forum For Institutions of Higher Education | Sept. 13-14, 2023 | Virtual Event