The House last Friday passed President Biden’s Build Back Better Act (H.R. 5376), a spending bill with close to $2 trillion in new funding to fight climate change, provide new education initiatives, reform immigration and more, including $500 million for the Department of Homeland Security’s agency charged with boosting the nation’s cybersecurity.
The bill’s passage came four days after Biden signed a $1 trillion infrastructure measure into law that includes more than $1 billion in cybersecurity funding, most of it to be managed by the DHS Cybersecurity and Infrastructure Security Agency (CISA), which is quickly seeing its star rise as it works to improve the information security of federal civilian agencies and with the private sector to strengthen its networks.
Earlier this year, Biden signed a stimulus package that provided $650 million for CISA, much of that of that for improved technologies and more personnel. Excluding funding contained in the earlier stimulus bill and recent infrastructure act, CISA’s budget for fiscal year 2021 was about $2 billion and congressional appropriators are proposing between $2.4 billion and $2.6 billion for the agency in FY ’22.
Some in Congress, notably Rep. John Katko (R-N.Y.), believe CISA needs about $5 billion annually to do its job.
The Build Back Better Act, approved by a 220 to 213 vote with one Democrat joining all Republicans in opposition, still faces an uncertain future in the Senate and its passage will likely depend on trimming the spending plans down to meet any demands of Sens. Joe Manchin (D-W.Va.) and Kyrsten Sinema (D-Ariz.).
The act includes $100 million for CISA to do cybersecurity risk mitigation, another $100 million to build the cyber workforce, $80 million for recruiting and training talent at the state and local level, $50 million for the voluntary CyberSentry program that installs monitors on the information and operational technology networks of critical infrastructure entities for threat hunting purposes, $50 million for research and development into cybersecurity for industrial control systems, $50 million to secure federal cloud architectures, $35 million for the Multi-State Information Sharing and Analysis Center to monitor threats to state IT systems, $20 million related to migrating to the dotgov internet domain, and $15 million for cybersecurity training for teachers.
The Build Back Better Act also includes $900 million for DHS to reduce its carbon footprint and another $100 million to improve security at churches, synagogues and other places of worship.
The Infrastructure Investment and Jobs Act signed into law last Monday includes $1 billion spread over four years for a new grant program for CISA to help state, local, tribal and territorial governments modernize their networks and strengthen their cybersecurity. The new law also includes $100 million for CISA to spend over five years to respond to significant cyber incidents to federal and non-federal entities.