Biden calls for $22 billion in cyber security funding

New plan will harden the nation’s energy grid

In the wake of the Colonial Pipeline ransomware attack, the White House is calling for $22 billion in new cyber security spending to protect the nation’s vulnerable infrastructure.

In a statement Tuesday, the Biden administration called for $20 billion in grants to harden the nation’s energy systems by strengthening cyber security and the energy grid’s resilience. It also proposed $2 billion in federal grants to support microgrids and grid resilience in areas with a high risk of power outages.

“Specifically, these modernization block grants will be tied to the use of and compliance with 21st century energy, technology, and security standards,” the White House said.

“Eligibility for these grants will also be contingent on policies requiring installation of technology that detects and blocks malicious cyber activity on information and operational technology networks, consistent with privacy protections.”

The actual amount of cyber security funding that will pass Congress remains up in the air, though. Biden is trying to win bipartisan support for his $2.3 trillion American Jobs Plan to upgrade the nation’s infrastructure, with Republicans calling for a less expensive plan.

This follows the Colonial Pipeline ransomware attack, which caused gasoline shortages in the southeastern US; last December’s Solarwinds hack, which affected 18,000 organizations worldwide including the US Department of Homeland Security; and recent widespread cyber attacks exploiting vulnerabilities in the Microsoft Exchange Server.

President Biden’s $2.3 trillion American Jobs Plan also seeks $100 billion to connect every American household to broadband internet by the end of the decade.

The Biden administration’s call Tuesday for $22 billion in new cyber security spending is only its most recent attempt to shore up vulnerable US infrastructure from cyber attacks.

Last week, Biden signed an executive order to increase the US’s defenses against cyber attacks and provide better lines of communication between law enforcement and service providers to enhance investigations.

That Executive Order on Improving the Nation’s Cyber Security requires IT (information technology) and OT (operational technology) service providers to share cyber security threat information with the government. Federal agencies must also implement multifactor authentication to their systems and encrypt all data in the next 180 days and deploy a zero-trust security architecture.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Security awareness training strategies for account takeover protection - whitepaper from MimecastDownload now

The White House is also readying a plan created by the National Security Council to increase the cyber security and resilience of the electrical grid. The plan will be largely voluntary to avoid resistance to regulation. It will carry incentives that will make it more appealing for electrical operators to implement protections.

Those protections include cyber security monitoring equipment and an assessment to identify sites that would present the most risk to the grid in an attack.

That plan will also extend Cyber Testing for Resilient Industrial Control Systems (CyTRICS), a partially classified plan that identifies vulnerabilities in the electrical grid that intruders could exploit.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021
CISOs aren’t leading by example when it comes to cyber security
cyber security

CISOs aren’t leading by example when it comes to cyber security

24 May 2021
New report highlights the need for diversity in cyber security recruitment
cyber security

New report highlights the need for diversity in cyber security recruitment

28 Apr 2021
Splunk debuts a new suite of cloud security solutions
Security

Splunk debuts a new suite of cloud security solutions

22 Jun 2021

Most Popular

Best paying tech jobs of 2021
Careers & training

Best paying tech jobs of 2021

7 Jun 2021
Ten-year-old iOS 4 recreated as an iPhone app
iOS

Ten-year-old iOS 4 recreated as an iPhone app

10 Jun 2021
Mythic launches power-sipping AI chip
Hardware

Mythic launches power-sipping AI chip

8 Jun 2021