More than $2 billion in discretionary funding allocated to the Cybersecurity Infrastructure and Infrastructure Agency (CISA) is line-itemed in President Biden’s FY 2022 proposed budget request sent to Congress.
The $1.52 trillion budget outline, which in actuality serves only as a White House wish list, includes $52 billion for the Department of Homeland Security (DHS), CISA’s umbrella agency. Inasmuch as each bill needs to pass Congress before becoming official and considering the small majority held by Democrats, it’s improbable that Biden’s budget will make it through both chambers intact.
The CISA discretionary request amounts to a $110 million increase from the 2021 enacted level. Additional provisions in the FY 2022 discretionary budget proposal include:
- $20 million for a Cyber Response and Recovery Fund.
- $500 million for the Technology Modernization Fund.
- $750 million for IT enhancements to federal agencies.
- $128 million to expand scientific and technological research at the National Institute of Standards and Technology.
“This funding would allow CISA to enhance its cybersecurity tools, hire highly qualified experts, and obtain support services to protect and defend Federal information technology systems,” the President’s Discretionary Funding Request reads.
The administration’s budget proposal comes hard on the heels of the two largest cybersecurity breaks in the nation’s history, the Russian backed SolarWinds hack and the China sponsored attack on Microsoft’s Exchange Server platform, with the former drawing mention in the budget proposal. "The COVID-19 pandemic and the significant cyber incident impacting agencies through products such as SolarWinds continue to highlight the urgent need to modernize federal technology, with particular emphasis on mission essential systems and citizen-facing digital services," said Shalanda Young, the acting director of the Office of Management and Budget, in a letter to Congress introducing the budget request.
As expected, Biden's blueprint drew reaction both from Congress and security providers. Rep. Jim Langevin, (D-RI), the co-chair of the Congressional Cybersecurity Caucus, praised the additional funding for CISA but called for more. "While I believe the $110 million increase for CISA is a good start, I think we can be even bolder in our vision for the nation’s premiere cybersecurity agency,” he said. (via Bank Info Security)
And, Joseph Neumann, cyber executive adviser at the security firm Coalfire and a former network operation officer in the U.S. Army, said the proposed amount falls short of what's needed to help CISA on federal security issues. "CISA would benefit more from wider reforms of federal information security to centralize security and responsibilities under one organization," he said. "Until centralization and consolidations occur, no matter how much additional $110-million-dollar asks CISA does, it is like throwing cups of water on a raging forest fire." (via Bank Info Security)
Cybersecurity takes a backseat in President Biden’s proposed $2.25 trillion infrastructure package, which is unlikely to garner bipartisan support, with no money allocated to defend the country from cyber attacks on critical infrastructure targets. Biden reportedly will soon issue an executive order said to include about a dozen actions to improve federal cybersecurity.