Virginia governor signs budget, kicking off series of cybersecurity programs

Though Gov. Terry McAuliffe won't get all the money he hoped for, the state's new budget still includes millions to support a bevy of cyber-focused initiatives.

With a new biennial budget finalized, Virginia is moving ahead with a series of cybersecurity programs, though many received only a fraction of the funding Gov. Terry McAuliffe was hoping to earn for the initiatives.

McAuliffe signed the 2016-2018 budget into law late last month, and now his administration begins the work of using the funds that lawmakers set aside to either stand up or expand cyber-focused efforts across the state. But while the governor proposed nearly $22 million in cybersecurity investments in December, the Legislature ultimately slashed the size of several of McAuliffe’s marquis proposals.

The new budget contains just over $6.2 million specifically dedicated to programs that the governor outlined last year, with a smattering of other funds allocated to other cybersecurity-focused issues. Nevertheless, Secretary of Technology Karen Jackson told StateScoop that she’s “not going to bemoan any of the things we didn’t get,” and is encouraged by the results of the budget process as a whole when it comes to cyber programs.

“Obviously, you always want more, that’s just human nature, but I think we did really well,” Jackson said. “You certainly always want everything you asked for, anybody who’s worked in the legislative realm for any length of time knows that’s usually not where you end up one way or the other. But I think we’ve got enough to really implement these activities.”


Jackson is especially encouraged by the $4 million the state will have to start a new “cyber range” at Virginia Tech, a virtual training ground that will help high school and college students get real-world experience battling cyberthreats. That amount is exactly what McAuliffe asked the Legislature for, and Jackson feels it’s probably “one of the biggest things we got on the education side” of the budget.

Yet the other cyber education programs the administration was hoping to stand up didn’t receive quite the same level of support.

McAuliffe was hoping to invest $3 million in a new cybersecurity “scholarship for service program,” which requires winners to commit to two years of state service after graduation. While lawmakers did find some funds to launch the program, they only allocated $1 million for the initiative.

Similarly, the Legislature severely cut back on McAuliffe’s proposal to funnel more than $3.5 million to four-year universities and community colleges to help those institutions earn certifications through the “National Centers of Academic Excellence in Information Assurance/Cyber Defense” program run by the National Security Agency and Department of Homeland Security. Instead, the state will be sending $432,000 to the schools for that purpose over the next two years.

But Jackson is pleased that lawmakers decided to fully fund their expansion of a program at George Mason University to prepare military veterans for cybersecurity careers, setting aside $800,000 for the effort.


[Read more: Northrop Grumman blasts Virginia’s decision to end exclusive IT arrangement]

On the balance, even though the dollar amounts were a bit different than McAuliffe’s team initially hoped, Jackson said she’s overwhelmingly optimistic about how the state will be able to move ahead with these cybersecurity efforts. After all, back in March, the House dropped all money from its proposed budget to fund these programs, according to McAuliffe’s office, forcing the administration to compromise — a spokesman for Speaker of the House William Howell didn’t respond to StateScoop’s requests for comment on the budget process.

“We’ve never had a scholarship for service program before, never had a cyber range before, now we have more cyber training for veterans,” Jackson said. “We’re off to a great start, and as we start to have successes, we can certainly go back and ask for additional funding down the road, but we feel confident that we can make a difference with what we got.”

Jackson also noted that the state was able to secure funding for 14 new cybersecurity-focused positions split between the Virginia State Police and the state’s Department of Emergency Management, and they were “very pleased to bulk up on that side.”

Similarly, she’s excited about the new shared cyber services center that will operate within the Virginia Information Technologies Agency that’s funded under the new budget. Lawmakers are sending the agency more than $8.2 million over the next two years to set up the center and staff it with 14 new cyber professionals, who will be dedicated to helping other state agencies with less robust cyber capabilities keep an eye on their networks, Jackson said.


“We now have a way forward to make sure that everybody’s taken care of, without needing to have a full time, 24-by-7 CISO because not everybody needs one,” Jackson said.

But even with this budgetary work finished, Jackson won’t have long to focus on getting these new programs off the ground before she turns to next year’s budget process. However, she’s excited to see how these initiatives pan out, since the state’s early results will guide how much money the administration pushes for the next time around.

“We’ve got about three months before we have to start thinking about the next budget,” Jackson said. “That’s not a lot of time when you’re implementing in July to start thinking about your runway, but we’ll at least have some information by that point … and we were pleased that the legislature was able to work with us, and they see the value of cyber activities just as much as we do.”

Contact the reporter at, and follow him on Twitter @AlexKomaSNG.

Latest Podcasts