Biden increases the budget for cybersecurity, but is it enough?

President Joe Biden is asking Congress for more money to protect federal civilian agencies from cyberattacks, although some critics say it’s not enough.

Biden’s 2023 budget request to Congress includes $10.9 billion for cybersecurity efforts at federal civilian agencies, up about 11% from the previous year. The $5.8 trillion Biden budget also includes $2.5 billion for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, an increase of nearly $500 million. It also includes a request for $175 million to improve the cyber resilience of privately owned critical infrastructure.

The cybersecurity portion of Biden’s budget request focuses on meeting his priorities in a May 2021 executive order, which includes a plan to modernize the federal government’s cybersecurity protections. For example, Biden wants agencies to move to a zero-trust cybersecurity architecture, which dictates that no person or device outside of the agency’s network should be granted access to its IT systems until authenticated.

Several cybersecurity experts praised the budget increase, but some called for even more funding or a more innovative approach to security.

The Biden budget should look more to the future of cybersecurity, said Mike Rogers, a former Republican chairman of the House Intelligence Committee, now serving as a board member at the Leadership to Ensure the American Dream.

The Biden administration “recognizes that cyber is a battleground today and will only become more so in the future, but its budget priorities are not forward-looking enough,” Rogers told the Washington Examiner. “Rather than build for the future, we’re just piling on weak foundations and plugging gaps.”

The government still has many cybersecurity problems, “with each agency trying to figure it out on their own, legacy systems that need modernization, and getting personnel in charge to get it done,” he added.

Rogers said the federal government should focus on “thinking ahead” of attackers and not just reacting. He called for layered and collective approaches to cybersecurity, with a more extensive partnership between the federal government and the private sector.

“To put it simply, if we keep running the same defenses we’ve been putting out onto the field, our adversaries are going to keep scoring points, and we can’t afford that now or tomorrow,” he added.

The federal government has a lot of work to do, added Jennifer Tisdale, CEO of cybersecurity vendor GRIMM.

“By most standards, a $10 billion budget would seem generous, except when referencing the enormity of the task before the federal government in relation to increasing the nation’s cybersecurity posture,” she told the Washington Examiner.

For example, CISA needs funding to help utility organizations better protect power, energy, and oil and gas providers, she said. She added that cybersecurity education should also take up a significant portion of that budget.

“Are we better off with the increased budget? Yes,” she said. “Is there more the U.S. government could do to implement meaningful cybersecurity practices? Also, yes.”

Tisdale added that the government needs to prioritize and increase budgets for cybersecurity in the future, too, saying, “Cybersecurity will never be a one-and-done effort. The risks are ongoing and ever-changing.”

While the budget increase is a positive step, the Biden administration should focus more on sharing information between government agencies and private companies and promote zero trust, said Raj Dodhiawala, president of Remediant, a cybersecurity vendor focused on zero-trust efforts. He recommended that private companies also look for ways to work more proactively with federal efforts.

“We could argue that it will never be enough, but the increased funding will help organize needs better and could be scaled in the future,” he told the Washington Examiner.

Meanwhile, he added that many state and local governments are “woefully underfunded” for cybersecurity protections and many are understaffed.

“The budget from the Biden administration signifies a priority, which state and local governments should emulate,” he said.

Comments are closed.