House approves massive infrastructure plan that includes $1.9 billion for cybersecurity
Martin Matishak November 6, 2021

House approves massive infrastructure plan that includes $1.9 billion for cybersecurity

Martin Matishak

November 6, 2021

House approves massive infrastructure plan that includes $1.9 billion for cybersecurity

The U.S. House of Representatives on Friday approved $1.2 trillion infrastructure bill that will invest nearly $2 billion in cybersecurity efforts throughout the federal government.

The final vote, after a day of painstaking negotiations among congressional Democrats, was 228-206. Thirteen Republicans joined the majority of Democrats to support the measure; six Democrats voted against it.

The bill now heads to President Joe Biden’s desk to be signed into law.

The legislation passed by the Senate in August but was stalled in the House as Democrats tried to negotiate a deal on a separate $1.9 trillion economic spending package that is also loaded with cybersecurity provisions.

After okaying the infrastructure legislation, lawmakers adopted a procedural rule setting a floor debate framework on the social spending package for later this month in a 221-213 party-line vote.

Biden on Saturday lauded the bill’s passage.

“Finally — infrastructure week,” the president joked he walked into the State Dining Room. “We did something that’s long overdue, that’s long been talked about in Washington, but never has actually been done.”

The infrastructure bill allocates $1.9 billion in cybersecurity funds, with $1 billion devoted to creating a new grant program to improve the cybersecurity of state, local, tribal and territorial governments.

The money would be administered by the Federal Emergency Management Agency, which runs the Homeland Security Department’s existing grant programs, over a four-year period starting in fiscal year 2022. The Cybersecurity and Infrastructure Security Agency would act as a subject matter expert when determining the awards.

The measure incorporates the Cyber Response and Recovery Act, which authorizes $100 million over five years to support federal response to cyber incidents. It also allows the Homeland Security Secretary, working with the National Cyber Director, to declare a significant cyber incident. CISA would coordinate the response to the event and tap the emergency fund to help both private companies, and the government, recover from cyberattacks.

Lawmakers also folded $21 million into the massive bill for National Cyber Director Chris Inglis to stand up the new office. The organization has relied on a White House contingency budget in order to operate.

Biden said he is confident that Congress will pass the separate safety net package.

“I’ve been able in the Senate to put things together when people said they couldn’t be put together just by making the overwhelming point that they can’t have all you want,” he said. “It’s a process.”

Martin is a cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.