House reconciliation bill includes nearly $800 million for CISA


NOTE: This story first appeared on

The House version of the $3.5 trillion Build Back Better Act includes almost $800 million for the  Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security.

The funding supports the implementation of President Joe Biden's May executive order on cybersecurity, in particular the section on modernizing government cybersecurity through zero-trust architecture, cloud adoption, multifactor authentication and encryption. When the order was released, there was concern in industry that the administration was issuing unfunded mandates to agencies that could complicate the accomplishment of the goals laid out in the order.

The House Homeland Security Committee chairman Rep. Bennie Thompson (D-Miss.) noted that the funding has a 10-year lifespan.

The committee marked up its section of the budget resolution for fiscal year 2022 on Tuesday. Democrats are hoping that bill can be passed through the Senate on a simple majority vote through the reconciliation process.

The bill includes $400 million to support the implementation of the executive order, including the sections on endpoint detection and response, incident logging, cloud security and multifactor authentication.

An amendment offered by Rep. Elissa Slotkin (D-Mich.) added $60 million to CISA's cloud architecture and migration services as well as support for threat hunting in the cloud.

The bill also includes $25 million for a nationwide multifactor authentication campaign aimed at the general public, $50 million for the Multi-State Information Sharing and Analysis Center, $50 million for the operation and expansion of Crossfeed, a voluntary, self-service CISA program aimed at giving private-sector website operators a dashboard view of potential vulnerabilities. A similar program called CyberSentry, focused on critical infrastructure, is poised to get $75 million thanks to an amendment from Rep. Yvette Clarke (D-N.Y.), who chairs the panel's subcommittee on Cybersecurity, Infrastructure Protection and Innovation.

The bill also adds $100 million for cybersecurity education and training with an eye to building workforce capacity inside the federal government.

"Congress has generously funded many security priorities in recent years, but for too long funding for cyber has not kept pace with the threats," Thompson said. "The cost of waiting any longer to invest in cybersecurity is simply too high."

Ranking Member Rep. John Katko (R-N.Y.) complained in his opening statement that the views of the minority were not consulted in the construction of the massive $3.5 trillion bill and that the drafting of the committee's relatively small portion of the bill did not take into account the ransomware threat. He also noted that the bill's focus on funding CISA ignores a swath of other potential threats to the U.S.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.

WT Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.