The government has published a breakdown of the £860m spent on the National Cyber Security Programme.
The news comes just a month after Alex Dewedney, director of cyber security at GCHQ's information security arm CESG, suggested that the spending "hasn't worked".
The UK Cyber Security Strategy 2011-2016 Annual Report (PDF) showed that the government spent £441.8m on a "national sovereign capability to detect and defeat high-end threats", accounting for more than half of the £860m budget.
This came within one per cent of the budget through "rigorous financial management" with incremental increases over the past five years.
Downing Street spent £100m on cyber security in 2011/12, rising to £150m in 2012/13 and £175m in 2013/14. Some £200m was spent in each of the past two years.
Around £117m went on law enforcement and combating cyber crime, £80.6m on "support to full spectrum effects capability", which referred to the government's "attack capabilities", according to Sean Sullivan, security advisor at F-Secure.
A further £39.6m was spent on improving the resilience of the Public Sector Network (PSN), and £40.4m on "mainstreaming cyber throughout defence".
But Dewedney said last month that there had been a "mantra in the UK" that the solution to cyber security problems is information sharing and partnerships. More than £60m was spent on private sector engagement and awareness.
"[People believe that] if we keep doing that somehow it will magically cause improvement to happen. That approach by itself is not sufficient," said Dewedney.
He also criticised the government for "not spending money on fixing legacy IT issues" that have left a situation which "is killing us".
The Cabinet Office breakdown does not include a section on fixing legacy IT problems, and it seems that the government has attempted to build on top of what it already has, rather than starting with a clean slate.
The government and the IT industry have expressed concerns about a cyber security skills gap, and Whitehall chiefs have spent £32.8m on education and skills to help to fill this gap.
Dewedney argued that this is the crucial area, and that the problem is "not so much a money issue as a human resources issue".
The Cabinet Office spent £24.4m on incident management, response and trend analysis, £8.1m on international engagement and capacity building, and £7.8m on programme management, coordination and policy.
The government may claim to have kept within its budget, but Dewedney suggested that the £860m spent on cyber security simply "hasn't worked".
"I think the best way to sum up the challenge we face is that, while we've done a lot over the past five years and spent quite a lot of money as a government, particularly in those years of austerity we've been through, the bottom line is it hasn't worked," he said.
The Cabinet Office will release a new UK Cyber Security strategy later this year detailing how the government plans to spend £1.9bn a year on cyber security by 2020, a commitment first announced by chancellor George Osborne in a speech at GCHQ in November.
Ultra-high-end all-in-one PCs from HP feature either 24-inch or 27-inch displays
Roomba 'smart' vacuum cleaner company iRobot plans to sell maps of users' homes to Apple, Amazon and Google
'Smart' products spying on their owners and selling the data for profit? Who'd have thought it!
TNT Express still struggling with NotPetya malware - crucial documents remain locked up in borked systems as staff grapple with manual procedures
TNT depots over-flowing with parcels as the company struggles to recover from NotPetya - while Reckitt Benckiser reports 'ongoing' recovery
Full roll-out of Android O expected within weeks