In a letter to the United States House Committee on Appropriations, two members of the Cyberspace Solarium Commission are asking for an increase in funding for the Cybersecurity and Infrastructure Security Agency (CISA) in fiscal year 2022.
Representatives Jim Langevin (D-R.I.) and Mike Gallagher (R-Wis.) are pressing for an allocation increase of at least $400 million to the Homeland Security Subcommittee, to support CISA’s budget, arguing that the funding is necessary to ensure timely implementation of “key authorities Congress just passed to strengthen CISA.”
The Cyberspace Solarium Commission was established in the National Defense Authorization Act for FY2019 and its goal is to “develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.”
Recent events such as the SolarWinds and Microsoft Exchange Server attacks, the two House representatives say, have led to a significant increase in cyber-activity, with CISA playing a central role in the government’s response to both incidents.
“Meanwhile, CISA continues to provide services to the rest of the U.S. government to identify threats and harden federal networks against future attacks, to the extent that their resources allow,” the two argue.
However, Reps. Langevin and Gallagher note in their letter, more is required from CISA to ensure that federal networks build meaningful security and that national resilience is improved in the face of significant cyber incidents.
As per the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, CISA is required to perform various actions, such as creating a Joint Cyber Planning Office, conducting resource requirement assessments, and finding threats within Federal agency networks, among others.
While CISA’s budget for FY21 has increased by more than $100 million, accompanied by funding through the American Rescue Plan Act of 2021 (ARPA), the agency will require additional funding for FY22, “to significantly expand non-federal network resilience efforts,” the letter reads.
The purpose, the two Solarium Commission members say, is to expand CISA’s critical infrastructure sector engagement capacity, to support targeted outreach, to quickly deploy necessary tools to improve visibility across civilian networks, to grow CISA’s team for increasing operational resilience in the non-federal space, and to ensure CISA’s incident response capabilities can rapidly assist state, local, tribal, and territorial governments, as well as other non-federal partners.
The two representatives press for an increase in CISA’s allocations for FY22, from approximately $2 billion in FY21 to over $2.425 billion for FY22.
“We recommend an increase of at least $400 million for the FY22 appropriation to respond to these changing requirements,” the two members of the Solarium Commission say. “Without increases […] CISA would fall far short of the strong and effective cybersecurity agency the U.S. badly needs.”
Related: CISA Details Malware Found on Hacked Exchange Servers
Related: CISA, FBI Warn of Attacks Targeting Fortinet FortiOS
Related: CISA Releases Tool to Detect Microsoft 365 Compromise