The Biden administration last Friday released a top line budget request for the Department of Homeland Security that would be essentially flat with current year spending levels but increase funding for the Cybersecurity and Infrastructure Security Agency (CISA) to help it contend with a worsening threat landscape.
The proposed $52 billion fiscal year 2022 discretionary request for DHS would be about $100 million, or 0.2 percent, higher than the current FY ’21 budget.
However, the administration’s “skinny budget” offers few details at agency and program levels.
These details will be released “in the months ahead,” Acting White House Office of Management and Budget Director Shalanda Young wrote to Senate Appropriations Committee Chairman Patrick Leahy (D-Vt.) last Friday.
The topline DHS budget request does include $2.1 billion for CISA, a $110 million increase above the FY ’21 enacted appropriation.
“The discretionary request responds, in a variety of ways, to funding challenges precipitated by recent cybersecurity incidents,” the 58-page April 9 budget document says.
Those cyber security incidents include hacks, believed to be for conducting espionage, of a number of federal and private sector networks through software provided by SolarWinds Inc. [SWI] and Microsoft [MSFT]. Administration officials have also highlighted a recent cyberattack of industrial control systems at a water treatment facility in Florida that compromised the integrity of the supply inside the facility before it was detected.
The request mentions a provision of $20 million for a new Cyber Response and Recovery Fund but offers no detail on major technology investments such as the Continuing Diagnostics and Mitigation (CDM) program and the EINSTEIN perimeter intrusion detection and prevention system. CISA officials and other cyber experts have highlighted the fact that the SolarWinds hack was done in a way to easily bypass EINSTEIN and that CDM isn’t deployed extensively enough across the federal civilian government to provide the necessary visibility and tools to adequately defend against such a sophisticated breach.
“This funding would allow CISA to enhance its cybersecurity tools, hire highly qualified experts, and obtain support services to protect and defend Federal information technology systems,” the request says.
Congress in March appropriated $650 million for CISA as part of a larger pandemic-related stimulus package and agency officials have said a chunk of this funding will be put toward CDM. These funds are in addition to the FY ’21 appropriations and the new FY ’22 request.
The budget request also mentions $1.2 billion for border security, a figure that includes modernizing land ports of entry, border security technology and assets, and “efforts to ensure the safe and humane treatment of migrants” in custody of Customs and Border Protection. No additional funding is proposed for physical barriers and the request proposes that Congress cancel prior unspent funding for the border wall.
“These investments would facilitate more robust and effective security screening to guard against human smuggling and trafficking, the movement of illicit drugs and weapons, the entry of undocumented migrants, and the import of unlawful goods, as well as provide for the more efficient processing of legal trade, travel, and commerce through the Nation’s land ports of entry,” the budget document says.
The administration is also proposing $599 million across DHS for research and development (R&D), with projects focused “primarily on climate resilience, cybersecurity data analytics, and transportation security technologies.” The proposal doesn’t breakout how much would be spent on operations and support of the department’s agencies that conduct R&D and how much would be spent on actual R&D.
For FY ’21, Congress provided the DHS Science and Technology Directorate about $765 million, which was on top of another $127 million appropriated to other components that have R&D responsibilities, including the Coast Guard, CISA, Countering Weapons of Mass Destruction Office, the Secret Service, and the Transportation Security Administration.