The Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) have released a comprehensive memorandum outlining the Administration’s cross-agency cybersecurity investment priorities for the fiscal year (FY) 2026 budget submissions. This initiative aligns with the National Cybersecurity Strategy (NCS) and emphasizes data-driven decision-making and performance measurement strategies across federal departments and agencies.
The NCS focuses on five strategic pillars:
- Defend Critical Infrastructure: Agencies are directed to modernize federal defenses by adopting zero trust architectures, enhancing technology modernization, and leveraging government-managed cybersecurity services. Updated zero trust implementation plans are required within 120 days.
- Disrupt and Dismantle Threat Actors: The Administration aims to counter cybercrime and dismantle adversarial infrastructure. Agencies with roles in disrupting threat actors should prioritize resources for investigating cybercrimes and participating in interagency task forces.
- Shape Market Forces to Drive Security and Resilience: This includes securing software development and leveraging federal procurement to enhance accountability. Agencies should meet secure software development requirements and ensure security in federally funded projects.
- Invest in a Resilient Future: Strengthening the cyber workforce is a key focus, with initiatives to support flexible hiring, remove barriers, and attract diverse talent. Agencies should also prepare for the post-quantum future by transitioning critical systems to quantum-resistant cryptography.
- Forge International Partnerships to Pursue Shared Goals: The Administration seeks to maintain a secure global cyberspace through international collaboration. Agencies should enhance global cyber capacity, implement Executive Order 14034, and improve the security of global supply chains.
The memorandum also emphasizes the importance of public-private collaboration, baseline cybersecurity requirements, and the secure use of open source software. Agencies are encouraged to contribute to the sustainability of open source components and integrate open source considerations into their IT and cybersecurity governance structures.
This strategic guidance aims to ensure that federal investments in cybersecurity are aligned with the broader goals of enhancing national security, resilience, and international cooperation.