Blog
U.S. State and Federal Funding for Cybersecurity is on the Rise
Cybersecurity has come to the forefront of state and federal policy over the past few years. In 2021, there were over 285 pieces of legislation related to cybersecurity introduced in state legislative sessions. In 2022, there were over 300 pieces of legislation introduced at the state level.
The White House has made it clear that increasing funding and adding additional cybersecurity initiatives is a priority of the administration.
The $1.2 trillion dollar Infrastructure Investment and Jobs Act was signed by President Biden in November 2021 and included $1 billion for grants to improve state, local, tribal and territorial government cybersecurity. That landmark bill was the largest federal investment in cybersecurity to date.
Allocation of the $1 billion in funds to states is spread out over the next four years:
~$200 million in 2022
~$400 million in 2023
~$300 million in 2024
~$100 million in 2025.
Eighty percent of those funds are required to go directly to local governments, with 25 percent directed to rural areas.
State CIOs and chief information security officers will be the overall authority for managing and allocating funds within the states. States will be required to submit detailed cybersecurity plans to CISA on how the funds will be spent, which will then be approved by CISA before any projects can be funded.
In March of 2022, President Biden’s $5.8 trillion budget plan spelled out $10.9 billion in cybersecurity funding across civilian government agencies, according to the administration. An 11% increase from his request from the previous year.
A portion of the amount – $2.5 billion – will go to the Cybersecurity and Infrastructure Security Agency (CISA,) which is a $500 million increase in funds from the previous year. The proposed budget provides $175 million to help increase resilience for privately owned critical infrastructure. Also included is $8 million for the CISA Cybersecurity Advisory Committee, Cyber Safety Review Board and the creation of an Advisory Council Program Management Office.
According to the official statement from the White House, the funding is designed to help safeguard federal infrastructure against cyberattacks, improve the security of elections, as well as to “maintain critical cybersecurity capabilities implemented in the American Rescue Plan; expand network protection throughout the Federal executive Branch; and bolster support capabilities, such as cloud business applications, enhanced analytics, and stakeholder engagement.”
Additionally, the budget includes $215 million to protect sensitive agency systems and $10 million to strengthen “the national cybersecurity workforce pipeline.” There is also an additional $36 million specifically for ICT supply chain security.
The budget highlights several government organizations that will receive funding to improve cybersecurity, including the Coast Guard, the Federal Aviation Administration, the Treasury Department, the Department of Justice, and the Department of Veterans Affairs.
The budget should also help the Office of the National Cyber Director improve “national coordination in the face of escalating cyber-attacks on Government and critical infrastructure.” In addition, funding has been allocated to improving the safety and security of elections and creating public-private partnerships.
Funding for additional Cyber Mission Force Teams , which include U.S. Cyber Command personnel to respond to attacks against the nation is also included.
How has this uptick in cybersecurity legislation and government interest affected your business and your job and do you expect this trend to continue at this rate over the next few years? Can we expect increased attention at the local, state and federal level in terms of bolstering cybersecurity regulations, funding and overall interest and is that generally positive for cyber?
To learn more about one of the most recent bills funding cybersecurity check out Cybersecurity Funding in the Infrastructure Investment and Jobs Act (IIJA), a publication from the Grants Office.