Justice wants $110M for zero‑trust

The Justice Department is asking Congress for $110.3 million to keep rebuilding its cyber defenses around one idea: nobody gets trusted just because they’re already inside the network. The request sits in the department’s fiscal year 2027 budget papers that Justice posted this week. (justice.gov, fedscoop.com) That “zero trust” model is the opposite of the old office-building approach to security, where getting past the front door often meant broad access once you were inside. The White House’s 2022 federal strategy told civilian agencies to keep checking identity, device health, and access rights every time a user reaches for an app or file. (whitehouse.gov, gao.gov) For Justice, this is not an abstract upgrade. The department says its zero-trust program grew out of the 2020 SolarWinds breach, when attackers slipped into federal systems through trusted software updates and showed how dangerous “inside equals safe” had become. (justice.gov, fedscoop.com) The $110.3 million request is split into two pieces. Justice wants $44.274 million for zero-trust work on unclassified systems and $66.060 million for national security systems and related cybersecurity upgrades outside Federal Bureau of Investigation systems. (justice.gov) The unclassified piece reads like a list of choke points attackers love. Justice says the money would pay for identity-based access across applications and data, real-time cloud security monitoring, and more event logging so suspicious activity leaves a bigger trail. (justice.gov) The national security piece is aimed at systems that handle more sensitive work. Justice says that money would fund zero-trust solutions and cybersecurity updates for national security systems outside the Federal Bureau of Investigation, which has its own separate budget lines. (justice.gov, justice.gov) This money is flowing through a central account called Justice Information Sharing Technology. Justice uses that account as the department-wide technology pot controlled by the chief information officer, so one office can push common security tools across many components instead of every bureau buying its own patchwork. (justice.gov) The backdrop is a federal budget that is not uniformly getting more generous on cyber. FedScoop reported that Justice had already seen cyber funding cut by $108 million in fiscal 2024, while CSO reported this week that the administration’s 2027 civilian budget trims cybersecurity in some places even as a few agency priorities still win increases. (fedscoop.com, csoonline.com) That pattern matches what federal watchdogs have been saying for years. The Government Accountability Office said agencies were expected to build zero-trust goals into their budget requests, because this kind of security shift is not a one-time software purchase but a long rebuild of identity systems, logging, cloud controls, and device checks. (gao.gov, whitehouse.gov) Justice is also not starting from zero. Its 2025 to 2027 information technology strategy says the department is already moving toward shared enterprise tools, and its zero-trust page says users should enter as general users first and then prove more before getting privileged access. (justice.gov, justice.gov) So the real story in this budget line is less “buy more cybersecurity” than “keep rewiring how federal access works.” If Congress approves it, Justice would be spending another $110.3 million to make every login, device, and data request answer the same question: prove it again. (justice.gov, whitehouse.gov)