Cybersecurity

Biden includes over $10 billion in cyber, IT funds as part of COVID-19 relief proposal

by Maggie Miller

President-elect Joe Biden is set Thursday to roll out a sweeping COVID-19 relief plan that includes more than $10 billion in funding to boost the nation’s cybersecurity and information technology after a massive Russian cyberattack.

In the proposal, billed as an “American rescue package,” Biden calls on Congress to approve a major investment in IT and cybersecurity for the federal government, describing it as “an urgent national security issue that cannot wait.” Biden is set to detail the plan during a speech later Thursday. 

The plan includes a $9 billion investment for the Cybersecurity and Infrastructure Security Agency (CISA) and the General Services Administration (GSA) to launch new cybersecurity and IT shared services.

A further $200 million is proposed to help with “rapid” hiring of technology experts for the federal Chief Information Security Officer and U.S. Digital Service, while $300 million would go toward funding further technology programs at the GSA. The plan also designates $690 million to CISA to improve security monitoring and incident response.

The inclusion of proposed funding for federal cybersecurity and IT comes as the government continues to grapple with the fallout of a Russian cyberattack on IT company SolarWinds, which counted as clients the majority of federal agencies and U.S. Fortune 500 companies. 

Agencies including the Commerce, Defense, Homeland Security, Justice, State, and Treasury departments have confirmed they were victims of the hack, which has been ongoing for much of the past year but was first discovered in December. 

“In addition to the COVID-19 crisis, we also face a crisis when it comes to the nation’s cybersecurity,” the Biden plan reads. “The recent cybersecurity breaches of federal government data systems underscore the importance and urgency of strengthening U.S. cybersecurity capabilities. President-elect Biden is calling on Congress to launch the most ambitious effort ever to modernize and secure federal IT and networks.”

Biden said during a speech in December that the SolarWinds hack constituted a “grave threat to national security,” and later in the month separately pushed for modernization of the nation’s defenses to address new and evolving risks.

“We have to be able to innovate and reimagine our defenses against growing threats in new realms like cyberspace,” Biden said.

State and local officials have repeatedly sounded the alarm over the lack of funds for IT and cybersecurity priorities over the past year, as COVID-19 has sapped funds and hackers have stepped up targeting of more vulnerable government systems. All state and local support was left out of the most recent COVID-19 relief package. 

The proposed cybersecurity and IT funds are part of a larger $1.9 trillion plan that mainly addresses COVID-19 relief, including new direct payments and raising the minimum wage.