Carnival Cruise says customer data exposed in breach
Lawmakers push for increased cybersecurity funds in annual appropriations
Lawmakers are increasingly pushing for Congress to increase funding in numerous areas to boost the nation's cybersecurity, particularly after multiple major breaches and a year in which hackers have increasingly targeted critical infrastructure.
House Homeland Security Committee ranking member John Katko (R-N.Y.) is leading the effort, submitting a budget proposal this week, which was provided to The Hill, that calls for increasing the Cybersecurity and Infrastructure Security Agency's (CISA) budget by 25 percent in the next fiscal year.
The overall amount Katko requested that Congress appropriate for CISA, the key federal agency in charge of securing critical infrastructure, was $2.5 billion, higher than President Biden's proposed $2.1 billion for the agency's budget in fiscal 2021.
"In order for CISA to compete against nefarious nation-state actors such as China, Russia, Iran, and North Korea, it must be equipped with tools of equal or greater measure," Katko wrote as part of the budget proposal. "The United States remains the most advanced nation in the world when it comes to cyber capabilities, yet we continue to see devastating and avoidable cyberattacks every few months."
Katko is not the only lawmaker urging Congress to appropriate more funding to CISA in the next fiscal year, particularly as it grapples with the fallout from both the Russian SolarWinds hack and the vulnerabilities discovered on Microsoft's Exchange Server in March.
Reps. Jim Langevin (D-R.I.) and Mike Gallagher (R-Wis.) sent a letter to the leaders of the House Appropriations Committee last month urging them to carve out at least an additional $400 million in funds available to CISA in the next year, particularly after leading the response to both the SolarWinds and Microsoft Exchange Server incidents.
"As part of the U.S. government response to both, CISA played a central role, providing cyber defenders in its sister agencies and critical infrastructure providers across the country with timely and reliable information on the threat and indicators of compromise," Langevin and Gallagher wrote. "Despite the critical functions that CISA is currently performing, far more is required of the agency in order to build meaningful security in federal networks and national resilience to significant cyber incidents."
CISA is not the only area where House lawmakers are hoping to see increased cybersecurity investments made.
House Energy and Commerce Chairman Frank Pallone Jr. (D-N.J.), ranking member Cathy McMorris Rodgers (R-Wash.), and Reps. Doris Matsui (D-Calif.) and Brett Guthrie (R-Ky.) sent a separate letter to the House Appropriations Committee on Thursday asking for funding to secure communications networks.
The lawmakers asked that the committee provide $750 million for a fund established for critical network security purposes at the National Telecommunications and Information Administration by the most recent National Defense Authorization Act.
"As the size, scale, and frequency of cyber incidents continue to increase, so too should our commitment to the goal of ensuring American communications networks are as safe and secure as possible," the House Energy and Commerce leaders wrote. "To that end, we request that the Committee on Appropriations provide at least $750 million in Fiscal Year 2022 appropriations for the Public Wireless Supply Chain Innovation Fund to facilitate the promotion and deployment of more secure communications networking technology and equipment."
President Biden's proposed budget for fiscal 2021 included a major bump for cybersecurity and emerging technology initiatives, including a $110 million boost for CISA's budget from the previous year, and $500 million for the Technology Modernization Fund (TMF) at the General Services Administration.
These funds are in addition to $650 million given to CISA by the American Rescue Plan Act earlier this year, and $1 billion to the TMF, which helps fund federal IT and technology modernization initiatives.
Katko pointed to testimony by CISA officials to Congress describing the $650 million as a "down payment" in urging Congress to do more to ensure the nation can fend off cyber threats.
"It is imperative that we put CISA on track to be a $5 billion agency within the next five years - to fully live up to its mandate as the nation's lead civilian cybersecurity agency," he wrote.