WASHINGTON, DC – U.S. Senators Gary Peters (D-MI) and Ron Johnson (R-WI), Ranking Member and Chairman of the Senate Homeland Security and Governmental Affairs Committee, Amy Klobuchar (D-MN) and James Lankford (R-OK) introduced a bipartisan bill to strengthen local government cybersecurity defenses by switching to the .gov domain for websites and email addresses. The DOTGOV Online Trust in Government Act of 2019 directs the Department of Homeland of Security (DHS) to provide resources and assistance to local governments wanting to adopt .gov web addresses. Federal and state government agencies commonly use the .gov domain, but it is not widely used on a local level. This trusted domain increases resilience to cyber crimes that frequently target local government systems.
“Local governments are responsible for safeguarding citizens’ personal data, from social security numbers and credit card information to detailed medical records,” said Senator Peters. “This important legislation will help protect the personal information of people in Michigan and across the country from hackers looking to take advantage of gaps in our cybersecurity defenses.”
“The passage of this bill will ensure state, local, tribal, and territorial governments have greater access to a trusted domain and Department of Homeland Security resources, ultimately increasing the security of their websites in today’s ever-changing cyber threat landscape,” said Senator Johnson. “It will also help Americans and businesses know which government websites are legitimate and better prevent them from distributing sensitive information.”
“When official government websites use the .gov domain instead of alternatives like .us or .com, it makes those government websites and email addresses more secure,” said Senator Klobuchar. “Unfortunately, right now most county and local governments don’t use the .gov domain. This allows cybercriminals to more easily impersonate government officials in order to defraud the public and get people to share sensitive information. Our bipartisan bill provides support services, security enhancements, and dedicated outreach to help state, local, territorial, and tribal governments to adopt the .gov domain, improving cybersecurity and trust in public services across the United States.”
“The internet has become a main source of information, but you can’t always trust what you read on the internet,” said Senator Lankford. “The DOTGOV Online Trust in Government Act expands the federal government’s ability to offer a city, state, county, or Tribal government the .gov domain, which will provide more communities access to safe, secure, online resources.”
“I think it is great that additional emphasis is being placed on expanding use of the .gov domain to non-federal agencies,” said Chris DeRusha, the State of Michigan’s Chief Security Officer. “Counties and localities have used .org or .com for convenience or branding purposes, but in the era of increased cyber attacks .gov can provide an extra layer of certainty – both for website and email. Moving more entities to .gov will help citizens know they are looking at the legitimate address. The .gov expansion bill also focuses on improved outreach and support to local entities which will be crucial in encouraging the move towards .gov.”
“When Michiganders see a .gov website or email, they know they can trust that it is legitimate,” said Michigan Secretary of State Jocelyn Benson. “Expanding the availability of this trusted domain to local governments could help boost public confidence and strengthen the security of government systems.”
“I support Senator Peters’ efforts to include local governments in the use of the .gov domain. The DOTGOV Online Trust in Government Act is a vital step in enhancing security at the local level by making the county government’s website and emails more official and more difficult to imitate,” said Barb Byrum, Ingham County Clerk. “In the age where so many important aspects of daily life involve interaction with the Internet, I want the public to have confidence in the interactions they are having online through my Office. I appreciate that this bill both would open doors for us at the county and local level to use the .gov domain more easily, and provide resources for us to make our websites more secure.”
Many county and local governments do not use .gov, which allows cyber criminals to create fake local government websites and email addresses used in attacks that can trick individuals and small businesses into sharing sensitive information. For victims, it can be difficult to identify a legitimate website when a government uses .com, .org, or .us domains. Websites and emails ending in .gov are easily recognized as official and difficult to impersonate, which can help safeguard against these types of malicious attacks.
The DOTGOV Online Trust in Government Act directs the Cybersecurity and Infrastructure Security Agency (CISA), a component of DHS, to work with local governments to help them transition to .gov domains. The bill directs DHS to develop an outreach strategy and resources to help local government offices take advantage of .gov security features. The bill also helps the transition more affordable for local governments by making the change an allowable expense under DHS’s Homeland Security Grant Program.