Integration and management of cybersecurity is a pervasive requirement for digital systems and networks. However, defining specific cybersecurity cost details and capturing data for cost estimating has proven to be difficult.
This presentation presents research conducted to evaluate federal government budget data for development of business IT systems to identify cost methods or factors that may provide a verifiable approach to estimate cybersecurity costs. Our results include a set of initial factors that will support cost estimating pending the collection and analysis of more detailed cost data coupled with technical data. We present the basis of the analysis (data, normalization, classification) followed by a discussion of factors that support cost estimates for various cybersecurity cost categories; such as: management, requirements/risk analysis, Hardware/Software integration.