TO THE MEMBERS OF THE UNITED STATES SENATE:
The U.S. Chamber of Commerce thanks you and the entire Congress for appropriating the $650 million for the Cybersecurity and Infrastructure Security Agency (CISA) in the American Rescue Plan of 2021. These funds will help CISA to address urgent, operational risks like nation-state threat activity and critical vulnerabilities. I am writing to you today in support of Congress furthering increasing CISA’s annual appropriations.
The Chamber appreciates that President Biden’s FY2022 discretionary budget request underscores that CISA needs additional resources to improve federal cybersecurity across the U.S. government by providing a $110 million increase from the FY 2021 enacted level and requests $20 million for a new Cyber Response and Recovery Fund. These resources, coupled with the $650 million in ARP appropriations, are necessary to help CISA prevent new attacks and manage the incident response to three significant cyberattacks and manage a surge in ransomware attacks. But more funding will be needed if CISA, and our federal, state, and local government infrastructure, is to keep up with the expanded mission and authorities provided for by the FY 2021 National Defense Authorization Act and President Biden’s recent Executive Order on Improving the Nation’s Cybersecurity. While CISA is steadily increasing in robustness, adversaries are exponentially increasing the frequency, scale, and sophistication of their campaigns resulting in higher impact events.
CISA’s longer-term challenge is the security of civilian executive federal networks. Outdated systems or inadequate organizational focus on system maintenance significantly coupled with the global pandemic has dramatically shifted the cyber risk landscape over the past year. CISA, in cooperation with the Office of Management and Budget, can leverage its role as a Quality Service Management Office to drive digital transformation, implement strong governance, and manage technology environments across the U.S. government domain.
The solution is a sustained, long-term investment in CISA focused on these key areas:
- Accelerating migration to cloud environments as appropriate.
- Improving hunting and incident response capacity.
- Establishing zero trust network architectures.
- Enhancing analysis and information sharing.
- Enhancing critical infrastructure partnerships and protection.
- Increasing cybersecurity protection, response, and recovery resources for state and local governments through funding CISA Regions and building international capacity through funding CISA Global.
- Enhancing resourcing to small business cybersecurity and cyberattack protections, response, and recovery.
The Chamber looks forward to working with you in a bipartisan manner to ensure Congress provides enhanced resources to CISA and support its mission of defending today and securing tomorrow. It is critical to supporting our members ability to do business and support the global economy.
Neil L. Bradley
cc: Members of the Senate Committee on Appropriations