“Congress was right to give the agency new authorities that allow it to better defend our interests in cyberspace, but without requisite funding, we’re setting CISA up for failure," the lawmakers wrote.
The two House legislators appointed to the Cyberspace Solarium Commission are pressing House Appropriations Committee members to increase funding for the Cybersecurity and Infrastructure Security Agency.
Reps. Jim Langevin, D-R.I.. and Mike Gallagher. R-Wis., asked the committee’s chair and ranking member in a letter Friday to up funding for CISA by at least $400 million, following a key recommendation in the commission’s report. In the letter, Langevin and Gallagher state “forgoing such an increase will delay implementation of key authorities” Congress passed strengthening CISA in the latest National Defense Authorization Act.
“As our nation’s premier cyber defense agency, CISA must have the appropriate resources to grow and meet its legally required mandate,” Langevin said in a statement. “Unless Congress steps up and funds CISA at the level our national security requires, our federal and critical infrastructure networks will remain vulnerable to threats from our adversaries. CISA must have the necessary funding to protect and defend Americans in cyberspace—our national security depends on it.”
CISA helped lead the federal government’s response to the recent SolarWinds hack, which affected nine federal agencies and numerous companies. In fiscal 2022, CISA is expected to expand nonfederal network resilience efforts across five specific lines of effort. Those efforts include expanding CISA’s critical infrastructure sector engagement capacity, more outreach and services, expanding federal network resilience, enabling a secure cyber ecosystem and the creation of a cybersecurity response and recovery fund.
“The importance of CISA’s role in protecting our nation’s cyber infrastructure cannot be overstated,” Gallagher said. “Congress was right to give the agency new authorities that allow it to better defend our interests in cyberspace, but without requisite funding, we’re setting CISA up for failure. It’s imperative we ensure CISA has the additional $400 million it needs to fulfill its mission in the coming year.”
The letter indicates some funding could come from funds made available to CISA through the American Rescue Plan, which was signed into law in March. The law included $650 million for CISA for cybersecurity risk mitigation. President Joe Biden’s discretionary budget called for CISA to receive $2.1 billion, which would be $110 million more than enacted in 2021.