Cyber highlights in the $1.7 trillion government spending bill
President Joe Biden on Thursday signed a $1.7 trillion federal spending bill that includes a significant funding increase for the Cybersecurity and Infrastructure Security Agency (CISA).
The bipartisan legislation boosts the agency's budget by roughly $313 million, for a total of $2.9 billion. That is a 12% increase over fiscal year 2022 and 15% more than the White House sought for the Homeland Security Department’s cyber wing.
The bill allocates more than $1.7 billion for cybersecurity efforts, including the “protection of civilian federal networks that also benefit" state, local, tribal and territorial government networks. It also grants CISA $46 million for “threat hunting and response capabilities” across those systems.
The spending bill — which will keep the government operating through September, or the end of the fiscal year — reauthorizes CISA’s National Cybersecurity Protection System. The program provides government entities with cyber defense tools, like intrusion detection.
Lawmakers also want CISA to report back in 90 days about the feasibility of a public-private “cyber insurance and data analysis” working group and establishing an accreditation program for third-party cybersecurity providers that work with federal agencies, critical infrastructure operators and state and local governments.
The Office of the National Cyber Director receives a modest funding bump, rising from the $21 million it received in last year’s massive infrastructure bill to $21.9 million.
The measure provides $200 million for the Energy Department’s Office of Cybersecurity, Energy Security and Emergency Response, versus the $186 million Congress gave the office last year.
It also bans the use of the Chinese social media app TikTok on federal government devices. The Office of Management and Budget has 60 days to develop a plan for TikTok’s removal. The move comes after more than a dozen states, and the House of Representatives, banned the app from their devices.
The bill incorporates the RANSOMWARE Act, which requires the Federal Trade Commission to report back to Congress on the number and types of foreign ransomware or other cyberattack complaints it receives.
Martin Matishak
is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.