The Cybersecurity and Infrastructure Security Agency (CISA) would receive $2.8 billion under a government funding package U.S. lawmakers unveiled on Thursday. That amount, part of a total $1.2 trillion package, is $35 million less than CISA received in fiscal year 2023. It is also $180 million under Biden’s administration’s budget request for fiscal year 2024. The White House’s latest proposed cybersecurity budget would pour an additional $103 million to the agency’s coffers, increasing its total budget to $3 billion. CISA most recently asked for $116 million just to oversee the implementation of a long-expected incident reporting rule. The package, which the House and Senate must pass before midnight on Friday in order to avoid a short-term lapse in government funding, provides CISA about $20 million less than it sought. Once in effect, the rule will require critical infrastructure entities to report breaches to CISA within 72 hours. It will also require them to report ransomware payments within 24 hours. CISA is required to publish a notice of proposed rulemaking for the incident reporting requirements by the end of this month. The agency then has another 18 months to finalize the rules before they go into effect.
Get more insights with the
Recorded Future
Intelligence Cloud.
Martin Matishak
is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.