Spaulding worked on the Cyberspace Solarium Commission, a bipartisan congressional project established in 2019 to chart the future of American strategy in cyberspace. The commission made enhancing and empowering CISA one of its top priorities.
Chaired by the independent senator Angus King and the Republican congressman Mike Gallagher, Solarium aims to make the CISA the lead cybersecurity agency for the federal government and private companies in the US. King is reportedly a leading candidate for Biden’s director of national intelligence.
The Solarium recommendations include bolstering CISA’s resources, facilities, and authorities. The commission wants CISA to lead the government response to major cyber incidents in both the public and private sectors and to have the authority to hunt cyber threats across the entire government outside of the military—which, they note, boasts a much larger cybersecurity budget at about $9.6 billion and growing, compared with approximately $2 billion for CISA.
“Significant breaches that we’ve seen in the past in government could have been mitigated and more rapidly dealt with” with a fully-realized CISA, says Mark Montgomery, Solarium’s executive director. “And we haven’t had, for example, a significant attack on the electric grid or water system yet—the kind of attack that would make us wish for a stronger CISA. We’re hoping we can get CISA ready before those happen.”
As Biden’s presidency approaches, members of both parties are hoping for a bigger budget for the agency and a strong signal from the new White House that CISA is the primary way the US government protects critical infrastructure that’s mostly run by private companies, whether in the domain of elections, finance, or energy. CISA’s mandate includes managing cybersecurity issues but also defending against other kinds of threats, like terrorism, weather disasters, and sabotage. To support that expansive mission, Spaulding says, the agency needs significantly