Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

Cyberspace Solarium Commission: CISA Funding Should Increase by at Least $400M

In a letter to the United States House Committee on Appropriations, two members of the Cyberspace Solarium Commission are asking for an increase in funding for the Cybersecurity and Infrastructure Security Agency (CISA) in fiscal year 2022.

In a letter to the United States House Committee on Appropriations, two members of the Cyberspace Solarium Commission are asking for an increase in funding for the Cybersecurity and Infrastructure Security Agency (CISA) in fiscal year 2022.

Representatives Jim Langevin (D-R.I.) and Mike Gallagher (R-Wis.) are pressing for an allocation increase of at least $400 million to the Homeland Security Subcommittee, to support CISA’s budget, arguing that the funding is necessary to ensure timely implementation of “key authorities Congress just passed to strengthen CISA.”

The Cyberspace Solarium Commission was established in the National Defense Authorization Act for FY2019 and its goal is to “develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.”

Recent events such as the SolarWinds and Microsoft Exchange Server attacks, the two House representatives say, have led to a significant increase in cyber-activity, with CISA playing a central role in the government’s response to both incidents.

“Meanwhile, CISA continues to provide services to the rest of the U.S. government to identify threats and harden federal networks against future attacks, to the extent that their resources allow,” the two argue.

However, Reps. Langevin and Gallagher note in their letter, more is required from CISA to ensure that federal networks build meaningful security and that national resilience is improved in the face of significant cyber incidents.

As per the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, CISA is required to perform various actions, such as creating a Joint Cyber Planning Office, conducting resource requirement assessments, and finding threats within Federal agency networks, among others.

While CISA’s budget for FY21 has increased by more than $100 million, accompanied by funding through the American Rescue Plan Act of 2021 (ARPA), the agency will require additional funding for FY22, “to significantly expand non-federal network resilience efforts,” the letter reads.

Advertisement. Scroll to continue reading.

The purpose, the two Solarium Commission members say, is to expand CISA’s critical infrastructure sector engagement capacity, to support targeted outreach, to quickly deploy necessary tools to improve visibility across civilian networks, to grow CISA’s team for increasing operational resilience in the non-federal space, and to ensure CISA’s incident response capabilities can rapidly assist state, local, tribal, and territorial governments, as well as other non-federal partners.

The two representatives press for an increase in CISA’s allocations for FY22, from approximately $2 billion in FY21 to over $2.425 billion for FY22.

“We recommend an increase of at least $400 million for the FY22 appropriation to respond to these changing requirements,” the two members of the Solarium Commission say. “Without increases […] CISA would fall far short of the strong and effective cybersecurity agency the U.S. badly needs.”

Related: CISA Details Malware Found on Hacked Exchange Servers

Related: CISA, FBI Warn of Attacks Targeting Fortinet FortiOS

Related: CISA Releases Tool to Detect Microsoft 365 Compromise

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.