President Biden’s FY2022 budget document released today proposes a 14 percent increase from the estimated cybersecurity funding level for last year, to a total of $9.8 billion in Federal civilian cybersecurity funding.
Overall, the $9.8 billion in funding will “secure Federal civilian networks, protect the nation’s infrastructure, and support efforts to share information, standards, and best practices with critical infrastructure partners and American businesses,” according to the budget proposal.
The Cybersecurity and Infrastructure Security Agency (CISA) is set to receive $2.1 billion, as promised in the skinny budget released earlier this year, for a $110 million increase from the FY2021 budget. This funding would build on the $650 million for CISA provided outside of the regular appropriations process in the American Rescue Plan Act of 2021.
The budget proposal also includes $750 million to respond to “lessons learned” from the SolarWinds hack. Although the budget document does not detail specific lessons learned, it says the funding will go to “agencies affected by recent, significant cyber incidents to address exigent gaps in security capability.”
“Cybersecurity is a top priority for this administration, and recent events, such as the SolarWinds cyber incident, have shown that adversaries continue to target Federal systems,” the budget document says.
Additionally, the budget includes $20 million for a new Cyber Response and Recovery Fund “to improve national critical infrastructure cybersecurity response,” and a whopping $5 billion for a Critical Supply Chain Resilience Fund.
The budget also requests $40 million to enhance the electric grid, “including cyber,” and $15 million to support the Office of the National Cyber Director, which was established in the National Defense Authorization Act for Fiscal Year 2021.
The White House also noted that budget priorities include funding for the IT and cybersecurity workforce; the Continuous Diagnostics and Mitigation (CDM) Program; Coordinated Vulnerability Disclosure (CVD); and data methodology for assessing cyber threats and the Federal cyber posture.
The proposed budget request does not include Department of Defense funding requests. However, “The budget also fully supports the Department of Defense (DOD) cyber efforts, which include safeguarding DOD’s networks, information, and systems; supporting military commander objectives; and defending the nation against cyber threats,” one document said.