Biden official defends request for millions more for cybersecurity agency

The Biden administration on Thursday defended its cyber security agency’s big budget request — a roughly $300 million or 13% increase from last year —  by saying the extra money was for people, processes and partnerships.

The White House’s nearly $2.5 billion request for fiscal 2023 is up nearly $500 million from 2021 and up more than $300 million from President Biden’s request for fiscal year 2022.

At a congressional hearing, Rep. Chuck Fleischmann pressed Cybersecurity and Infrastructure Security Agency Director Jen Easterly to explain where the money is going given how fast the agency’s budget is growing.

“We need to be able to have money for building human capital and procurement and acquisition and funding our financial office and our facilities,” Ms. Easterly said. “So that engine that drives the ability to create mission is incredibly important.”

Mr. Fleischmann, Tennessee Republican, said that the new $2.5 billion request would arrive on top of a $1 billion jump that Congress allocated through other means to CISA.

“In my view, CISA has grown rapidly over the past few years and has been in the enviable position of having been provided significant resources by Congress,” Mr. Fleischmann said. “Over 1 billion dollars in additional funding has been provided in just the past year.”

Mr. Biden has urged private sector companies to take responsibility for their cyberdefense, but his team is also pressing lawmakers to fork over more money to fortify its relationships with businesses. 

Ms. Easterly said in written testimony that the Biden administration wants an $18 million increase to $71 million for its Joint Cyber Defense Collaborative that weds national security and law enforcement agencies together with private sector companies to fight hackers and ransomware attackers. 

Ms. Easterly said the collaborative that she helped establish works with the nation’s biggest technology companies to develop a multiphase plan regarding what to do in the event of a cyberattack spiraling from the conflict in Ukraine.

She said the government utilized the messaging platform Slack to make it happen. 

“You’ll recall that SolarWinds was not discovered by the U.S. government, it was discovered by a cybersecurity vendor so our partnership with those technology companies is critical,” Ms. Easterly said. “In addition, we’ve been pulling the financial services sector, 22 of the biggest banks, 38 of the biggest energy companies into similar collaboration channels so we can share information and early warning on malicious activities so that we can be prepared to drive down risk to the nation.”