Mixed race security guard watching monitors in control room

Key trends in federal cybersecurity investment

Is your agency prepared to detect and respond to a cyber event?

    Download the full report: Key Trends in Federal Cybersecurity Investment

    Conduct a cyber tabletop training exercise each year and include multiple stakeholders from the start.

    Large multiagency tabletop exercises have shown how preparation for a cyber response helps organizations enhance their cybersecurity posture. Including multiple groups, such as legal, public affairs and business units, into tabletop exercises is critical for success. 

    Prioritize and implement a cyber supply chain risk management (SCRM) program – early detection of supplier risks will enable risk-informed decisions.

    With continued federal government requirements for stronger SCRM, agencies must prioritize SCRM and establish programs to mitigate risk as supply chains are increasingly targeted by adversaries.

    Cyber threat intelligence (CTI) programs are essential – actionable intelligence tailored to your agency needs.

    CTI enables effective decision-making to mitigate information security risks​. CTI is not just an indicator of compromised feeds or detection signatures. It is a holistic program designed to inform information security risk mitigation and provides the foundation for threat hunting, controls design for defense in depth and other risk mitigation strategies.

    Be prepared across all five pillars of zero trust – establish a security framework that covers all aspects of zero trust.

    Zero trust frameworks and use cases vary by organization and function. EY teams are help multiple agencies focus on business and cyber use cases with zero trust solutions across the five pillars to include mapping to the DHS CISA Zero Trust Maturity Model.


    We partnered with Market Connections to design a survey across federal civilian and defense agencies to understand key trends in cybersecurity investments. Where are agency leaders focusing their time and resources? How can they make the most of their spending dollars and what are their current priorities?

    About this article

    Related articles

    How to modernize audit security and access management capabilities

    Helping a federal agency improve audit security by architecting and implementing refreshed identity and access management technology.

    22 Mar 2023

    The zero trust journey: transforming cyber defense

    Zero trust is a security model that moves from static, network-based cyber defenses to a continuously validated security configuration across five key pillars.

    03 Aug 2022 Scott Smith

    How the government is prioritizing cybersecurity

    How the government is prioritizing cybersecurity

    28 Jan 2022 Scott Smith
      Contact us
      Like what you’ve seen? Get in touch to learn more.