WASHINGTON, DC – Legislation authored by U.S. Senators Gary Peters (D-MI) and Rob Portman (R-OH), Chairman and Ranking Member of the Homeland Security and Governmental Affairs Committee, to promote stronger cybersecurity coordination between the Department of Homeland Security (DHS) and state and local governments has passed the Senate. The bipartisan State and Local Government Cybersecurity Act would encourage federal cybersecurity experts to share information regarding cybersecurity threats, vulnerabilities, and breaches, as well as resources to prevent and recover from cyber-attacks, with states and localities who are increasingly targeted by bad actors. The bill now heads to the House of Representatives for consideration.
“Cybercriminals continue attacking state, local, tribal, and territorial government networks. The federal government needs to step in and take action to help these local communities – which often lack the resources to defend themselves – to quickly identify threats and seal up vulnerabilities in their information technology systems,” said Senator Peters. “This bipartisan legislation will help local governments provide critical services to residents even in the event of a cyber-attack, and I’ll continue to fight for its swift passage into law.”
“As we’ve seen from the many recent cyberattacks, hackers with malicious intent can and do attack state and local cyber infrastructure consistently. Sometimes, state and local governments need some additional help or access to expertise to address these threats,” said Senator Portman. “That’s why I’m pleased the Senate passed this bipartisan bill to strengthen an existing relationship between the Department of Homeland Security and state and local partners to improve coordination and information sharing to help protect our IT infrastructure at all levels of government.”
State and local governments increasingly find themselves targeted by high-profile cyber-attacks, costing taxpayers millions of dollars and threatening the data privacy of millions of Americans. A cyber-attack that hit the city of Tulsa in May exposed residents’ Social Security numbers. Last year, the city of Knoxville paid hackers to unlock city computer systems, and a ransomware attack cost the city of New Orleans millions of dollars. In 2019, the Board of Commissioners from Genesee County in Michigan reported similar attacks on their network, after hackers locked their system and demanded payment for its release.
The State and Local Government Cybersecurity Act would facilitate coordination between DHS and state and local governments in several key areas. The legislation would permit the National Cybersecurity and Communications Integration Center (NCCIC) to provide state and local actors with access to improved security tools, policies and procedures, while also encouraging collaboration for the effective implementation of those resources, including joint cybersecurity exercises. The legislation would also build on previous efforts by the Multi-State Information Sharing and Analysis Center (MS-ISAC) to prevent, protect, and respond to future cybersecurity incidents. These changes would also ensure that government officials and their staffs have access to the hardware and software products needed to bolster their cyber defenses.