Senate proposes $58M boost to CISA's budget to clear out risk assessment backlog

government security 

A Senate panel is moving to provide the Department of Homeland Security with an additional $58 million in an effort to reduce an ongoing backlog of requests for the department's cybersecurity agencies to provide vulnerability assessments for state and local authorities.

The new funding is to support the continued reduction of a "12-month backlog in vulnerability assessments reported to the National Cybersecurity and Communications Integration Center," according to an explanatory statement accompanying the Senate Appropriations Committee's draft annual spending bill for DHS.

NCCIC is part of the Cybersecurity and Infrastructure Security Agency which has taken up the task of testing critical infrastructure -- election and otherwise -- for state and local agencies. The apparent backlog is outstanding from last year when lawmakers moved to provide additional funding to CISA for the same purpose.

The committee is recommending CISA receive approximately $2 billion in fiscal year 2021 funding, $270 million more than the president's budget request sought.

Geoff Hale, director of CISA's Election Security Initiative, said last week that the high demand from state and local election officials for CISA to conduct risk vulnerability assessments drove the agency to scale up its efforts.

"We started with risk and vulnerability assessments which are resource intensive teams of six [people] flying out on location to do an in-depth assessment," he said at a Nov. 17 virtual event hosted by the Cyber Threat Alliance.

"But the demand for a more scalable service really drove us to develop remote penetration testing which the community has embraced in full," he continued.

The equivalent draft bill by the House Appropriations Committee does not contain a similar funding increase; the difference will have to be reconciled during legislative negotiations.

The federal government is currently operating under a continuing resolution that is set to expire on Dec. 11. The House committee introduced its DHS legislation in July, but it was never passed by the full House. The Senate committee published its draft spending bills last week.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected