US cybersecurity agency funding is under fire from Sen. Rand Paul



Sen. Rand Paul, a top critic of the federal government’s cybersecurity watchdog, says the agency is overstepping its authority by trying to regulate the flow of information online.

The Republican from Kentucky has expressed concern about the Cybersecurity and Infrastructure Agency’s 50% budget growth over the last five years and what he calls its censorship of content on social media. The agency refutes the latter.

“CISA has blatantly violated the First Amendment and colluded with big tech to censor the speech of ordinary Americans,” Paul said in a statement to Federal Times. “Federal courts have ordered CISA to stop, but the trust CISA has abused cannot be restored until the agency gives a full accounting of what it has done, and Congress changes the law to create severe penalties for anyone who tries to do the same thing in the future.”

Even before a 5th Circuit Court of Appeals said in an opinion that CISA and other federal officials interacted with sites like Facebook, Google and Twitter (now known as X) to moderate information, Paul emerged as an opponent of expanding CISA’s power.

The Washington Post previously reported he has opposed at least 11 bills that would address cybersecurity in some part.

The senator didn’t say what a compromise would look like, though he has introduced a bill of his own that would mandate public reporting of communications between any federal agencies and tech companies. It would also prohibit funding of anything that resembled the Department of Homeland Security’s Disinformation Governance Board, which lasted only a few months before it was dissolved last summer.

In his statement, Paul said his legislation would “require CISA to come clean about its actions that violated the First Amendment, but also establish the penalties that will prevent government censorship in the future.”

CISA has taken a prominent role in the Biden administration’s broader campaign to secure government technology, fill cyber talent gaps and defend public infrastructure from increasingly complex cyberattacks. Now, at the start of a new fiscal year, it plans to keep hiring and to build out cyber reporting and mitigation processes if it receives the funding it requested.

Housed within the Department of Homeland Security, CISA was created in 2018 under President Donald Trump to monitor and prevent cyberattacks in and out of government.

“This mission has never been more urgent as our nation faces a wide array of threats that could undermine our national security, our economic prosperity, and our public health and safety,” Jen Easterly, CISA’s director, said during March testimony before the House Appropriations Committee.

At the time, Easterly was presenting the president’s budget request for CISA, which called for $3.1 billion in fiscal 2024 — an increase of $149 million over the prior fiscal year.

Despite disagreements, there has been a bipartisan call to shore up cybersecurity and update legacy IT, especially against advanced adversaries like China — the “broadest, most active, and persistent cyber espionage threat to U.S. government and private-sector networks,” according to the Office of the Director of National Intelligence’s most recent threat assessment.

Several bills have been proposed to address different aspects of that goal.

For instance, in May, the House pushed several bills through committee, including two to address security risks in open-source software and expand cyber training for DHS employees.

Another workforce-related bill, the Civilian Cybersecurity Reserve Act, emerged from the Senate Homeland Security and Governmental Affairs Committee with bipartisan support in May. That bill aims to address chronic talent shortages through a pilot program of tech experts who would serve in a program similar to the military’s National Guard or reserves.

Another key bill awaiting lawmakers is the full spending package for CISA. After Congress failed to pass a budget last month, agencies are now operating under a continuing resolution that expires Nov. 17.

DHS previously said a funding gap hampers cybersecurity and critical infrastructure support.

Molly Weisner is a staff reporter for Federal Times where she covers labor, policy and contracting pertaining to the government workforce. She made previous stops at USA Today and McClatchy as a digital producer, and worked at The New York Times as a copy editor. Molly majored in journalism at the University of North Carolina at Chapel Hill.

Leave a Reply

Your email address will not be published. Required fields are marked *