The Congressional Budget Office (CBO) said in an Oct. 11 report that H.R. 1975, the Cybersecurity Advisory Committee Authorization Act of 2019, would cost $2 million dollars over the next five years to implement.
The legislation, introduced by John Katko, R-N.Y., Dan Newhouse, R-Wash., Brian Fitzpatrick, R-Pa., and Dan Lipinski, D-Ill., would create a Chief Information Security Officer Advisory Committee (CSAC) with CISA which would “advise, consult with, report to, and make recommendations to the Director of Cybersecurity and Infrastructure Security on the development, refinement, and implementation of policies, programs, rulemakings, planning, training, and security directives pertaining to the mission of [CISA].” In a statement in September, Katko said the committee will “ensure a more holistic and wide-ranging approach is taken to addressing cybersecurity threats.”
For FY2020, CBO said the legislation would cost less than $500,000 to implement and from 2020-2024, it would cost $2 million total. CBO based its estimate on “information from the agency about the administrative costs of similar advisory committees.” The estimates account for staff salaries, travel costs, and other expenses associated with the advisory committee.
CBO’s low estimate likely pleases the bill’s cosponsors who view the advisory committee as critical to national security.
“It is essential that CISA stays ahead of cyberthreats that are evolving by the day,” House Homeland Security Committee Ranking Member Mike Rogers, R-Ala, said in a press release.“The Cybersecurity Advisory Committee Authorization Act ensures that CISA hears from an array of viewpoints about emerging cyberthreats by establishing an advisory committee of state and local government and industry leaders.”
