In the past six months, the Department of Homeland Security has stood up a new cyber risk center. The Trump administration has announced it will undertake more offensive cyber operations. And the Pentagon has promised to deter foreign hackers in cyberspace.
But significantly expanding the government’s cyber efforts will require additional dollars from Capitol Hill appropriators. And following this month’s midterm elections, Congressional aides are skeptical the near-term budget outlook will drastically change after Democrats take control of the House and Republicans lead the Senate. Instead, they expect another continuing resolution in the coming years. Such an agreement would limit new funds for a growing number of cyber initiatives.
In hearings this week, some of the federal government’s cyber leaders said they need additional dollars in the next year. Offering a window of hope, both Democratic and Republican aides told Fifth Domain that cybersecurity is one of the few issues that has bipartisan support on Capitol Hill.
The Department of Homeland Security “must have the internal capacity to fulfill its missions,” Rep. Jim Langevin, D-R.I., told Fifth Domain in a statement. “I will advocate for robust funding for the new cybersecurity agency Congress finally authorized on Tuesday that is commensurate with its important responsibilities and ensures that DHS is able to provide timely assistance in response to requests.”
When asked by lawmakers Nov. 14 if the Department of Homeland Security needed new funding, Jeanette Manfra, one of Homeland Security’s senior cyber leaders, was blunt.
‘We can do more with more,” she told Rep. Cedric Richmond, D-La., during a joint hearing.
Richmond asked whether it was fair that the Pentagon received $8 billion for its cyber budget while Homeland Security received $1 billion. The Pentagon has a broad portfolio, responded Kenneth Rapuano, the agency’s assistant secretary for homeland defense and global security.
“The great majority of that funding goes to development of weapons systems with cyber resilience and cybersecurity capabilities to the services,” Rapuano said. He added that the defense information system and the chief information officer also account for large shares of the Pentagon’s budget.
Pentagon weapons are also dangerously vulnerable to cyberattack, and defense leaders are expected to invest in protecting new purchases.
The Pentagon has discussed “the equivalent of a cyber Stafford act,” which would provide emergency assistance in the event of a cyberattack, Lt. Gen. Bradford Shwedo, a director of C4 capabilities at the Defense Department told lawmakers. The Stafford Act gives the federal government additional powers and resources in the event of a natural disaster.
Funding will not be the only cyber priority in the house. Aides for Democratic lawmakers told Fifth Domain they expect greater oversight over corporations regarding false or misleading statements over cybersecurity. One House aide expressed frustration that voting machine and IoT companies have not been held accountable for dubious claims regarding the cybersecurity protections embedded in their products.
Justin Lynch is the Associate Editor at Fifth Domain. He has written for the New Yorker, the Associated Press, Foreign Policy, the Atlantic, and others. Follow him on Twitter @just1nlynch.