Stopgap funding legislation deadlocked in the Senate puts key cybersecurity programs at risk if the measure is not passed ahead of a Sept. 30 shutdown deadline.
Those two programs are the Cybersecurity Information Sharing Act of 2015 (CISA 15) and the State and Local Cybersecurity Grant Program (SLCGP), both of which are reauthorized through the House Republicans’ stopgap measure that passed out of the House last Friday in a largely partisan vote.
However, that measure to fund the federal government through Nov. 21 is now deadlocked in the Senate, where Democrats have vowed to defeat the measure, and Republicans voted against a democratic proposal to move the deadline to Oct. 31.
Both CISA 15 and the SLCGP are set to expire on Sept. 30 without reauthorization from Congress.
CISA 15 – which created a legal framework to encourage industry and the federal government to share cyber threat indicators – has been hailed as critical to continue bolstering the nation’s cyber defenses, garnering bipartisan support from lawmakers, federal officials, and the Trump administration.
Without reauthorizing that program, cybersecurity experts have warned that the nation would be set back a decade in progress. National Cyber Director Sean Cairncross recently doubled down on the importance of maintaining the program, naming it as one of his top priorities.
Meanwhile, the fate of the SLCGP has put state and local officials on edge, who have warned congressional leadership that without continuing funding under the program that provides $1 billion in cybersecurity grants over four years, cyber defense would likely falter.
Some states have attested to the program’s ability to help them fend off cyber threats, with the chief information officer for the State of Utah telling lawmakers this spring that SLCGP’s funding has helped the state block seven major cyberattacks between late 2024 and early 2025.
SLCGP was established through the Infrastructure Investment and Jobs Act of 2021 and is overseen by the Cybersecurity and Infrastructure Security Agency and the Federal Emergency Management Agency.
While the stopgap measure is encountering pushback, the homeland security committees in both the House and Senate are working on bills to reauthorize CISA 15. The House panel favorably reported its measure to the full House, while the Senate’s scheduled markup of its version of the act was cancelled to focus instead on the stopgap measure.