Funding and sustaining cybersecurity initiatives is one of the fundamental challenges confronting state policy makers. A recent survey of states found that, on average, cybersecurity funding only accounted for three to five percent of information technology (IT) budgets. This memo examines how 23 states and the District of Columbia (D.C.) have allocated resources for cybersecurity and how they measure their return on investment. Throughout Fiscal Years (FY) 2015, 2016, and 2017, these 24 states spent over $160 million on six categories of cybersecurity: (1) Information Security and Assessments; (2) Homeland Security and Emergency Management; (3) Education; (4) Training and Law Enforcement; (5) Business Investments; and (6) Unique Initiatives. Figure 1 highlights how the states allocated funds in these categories. The tables at the end of the memo break out each state’s appropriation by category.
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognizing you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful. Please see our privacy policy for more information.