FY2025 budget request
CISA Requests $116M to Fund Cyber Incident Reporting Initiative
The Cybersecurity and Infrastructure Security Agency is seeking $116 million to finance staffing and technology upgrade efforts for the Cyber Incident Reporting for Critical Infrastructure Act, according to the Department of Homeland Security’s fiscal year 2025 budget request.
CISA plans to implement ticketing and customer relationship management systems and onboard 122 employees to aid in processing cyber incident reports, Federal News Network reported.
Under CIRCIA, critical infrastructure operators will need to notify CISA about cyber incidents within 72 hours. The law also empowers CISA to subpoena non-compliant organizations.
CIRCIA is meant to provide agencies with faster insights into critical infrastructure cyberattacks to support response and warning efforts.
Matt Hayden, a former CISA official and vice president of cyber client engagement at General Dynamics Information Technology, described the law as a chance for the agency “to do its job with more data.”
CISA is expected to issue a notice of proposed rulemaking for CIRCIA to clarify the law’s scope and execution. Caleb Skeath, a partner at law firm Covington and Burling, said the agency aims to specify what incident types and details need to be reported.
Category: Cybersecurity