Cybersecurity Spending,
Legislation,
Standards, Regulations & Compliance
Restoration of CISA Staffing Levels and State Grant Program Under Congressional Plan
A recently proposed congressional funding bill aims to conclude the longest government shutdown in U.S. history and includes essential measures for the Cybersecurity and Infrastructure Security Agency (CISA). These measures focus on restoring staffing and reviving a significant grant program designed to enhance cyber defense capabilities.
This funding package reauthorizes the State and Local Cybersecurity Grant Program (SLCGP), initiated in 2021, to strengthen cybersecurity among state and local government entities. Furthermore, it reinstates a cyber threat-sharing law that had been suspended since the shutdown commenced, illustrating a renewed commitment to cybersecurity at multiple governmental levels.
The SLCGP, which is jointly managed by CISA and the Federal Emergency Management Agency, allocates $1 billion—an essential financial resource for local governments lacking robust cybersecurity investments. This funding is critical for addressing the vulnerabilities that many local jurisdictions face.
Anticipation is building as the bill proceeds to a full House vote, expected as soon as Wednesday evening, following its passage in the Senate. In addition to restoring funding, the legislation seeks to reverse staffing cuts across federal civilian agencies, including CISA, which currently operates at only 35% of its pre-shutdown workforce. This reduction has significantly hindered the agency’s ability to engage with stakeholders and coordinate cybersecurity efforts, particularly during a time of heightened threat levels.
An anonymous CISA staff member expressed cautious optimism about a potential return to operational normalcy, emphasizing the necessity of restoring adequate staffing levels to effectively combat cyber threats. The bill additionally provides for the funding of government operations through January 2026, including a provision prohibiting reduction-in-force actions during this period.
The continuation of the grant program and the cyber threat-sharing statute is a temporary reprieve, providing Congress with a window to finalize long-term reauthorizations for these vital cybersecurity initiatives. As Jiwon Ma, a policy analyst at the Foundation for Defense of Democracies, has observed, the upcoming 90 days could prove crucial for shaping the future stability of CISA and the SLCGP.
CISA has witnessed one of the most severe workforce reductions in the federal government since January, with reports indicating a drop to fewer than 900 employees from a peak of over 3,300 last year. This decline raises alarms about the nation’s overall cybersecurity posture, prompting lawmakers to demand accountability and transparency from the agency.
