Written by: Haim Ravia and Dotan Hammer
The White House’s Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) have released a memorandum titled “Administration Cybersecurity Priorities for the FY 2026 Budget.” This memo provides a comprehensive roadmap for federal agencies and offers crucial guidance for developing their fiscal year 2026 budget submissions in line with the National Cybersecurity Strategy.
Key priorities include –
- Defending Critical Infrastructure – Directing agencies to strengthen IT systems with zero trust architectures, update outdated systems, and use government-managed cybersecurity services. This includes improving FISMA metrics, aligning departmental cybersecurity efforts, and submitting updated zero-trust plans, with potential fines for non-compliance.
- Enhancing Public-Private Collaboration – Directing agencies to ensure each SRMA manages sector-specific risks and has adequate resources. Set and enforce minimum cybersecurity standards across sectors, consult with entities for adaptable requirements, and ensure budget submissions fund necessary capabilities. Secure and contribute to open-source software by developing contribution mechanisms, monitoring code changes, and integrating open source into IT governance.
- Disrupting and Dismantling Threat Actors – Directing agencies to prioritize resources to investigate cybercrimes, dismantle ransomware networks, and combat virtual currency abuse. Ensure federal software complies with secure development practices, supported by budget submissions. Federal funding should enhance security and resilience in critical infrastructure projects, ensuring adequate resources and technical assistance.
- Investing in a Resilient Future – directing agencies to support the National Cyber Workforce and Education Strategy (NCWES) to address hiring challenges through flexible hiring, skills-based assessments, and initiatives to attract diverse cyber talent. Secure resources for transitioning critical systems to quantum-resistant cryptography and refine cost estimates. Ensure hardware and software are secure by design with memory-safe programming, secure development policies, and improved Internet routing security.
- Forging International Partnerships – directing agencies to pursue shared goals by supporting global cybersecurity, enhancing international law enforcement collaboration, and improving supply chain security. Budget submissions should focus on increasing the transparency, security, and resilience of global supply chains and fostering long-term public-private partnerships.
Click here to read the memorandum for the heads of executive departments and agencies.