WASHINGTON, DC – Today, U.S. Senators Rob Portman (R-OH) and Gary Peters (D-MI), Ranking Member and Chairman of the Homeland Security and Governmental Affairs, applauded the Senate Homeland Security and Governmental Affairs Committee for unanimously passing their bipartisan State and Local Government Cybersecurity Act to promote stronger cybersecurity coordination between the Department of Homeland Security (DHS) and state and local governments. The bipartisan legislation will encourage federal cybersecurity experts to share information regarding cybersecurity threats, vulnerabilities, and breaches as well as resources to prevent and recover from cyberattacks with states and localities who are increasingly targeted by bad actors.
“As we’ve seen from the many recent cyberattacks, hackers with malicious intent can and do attack state and local cyber infrastructure consistently. Sometimes, state and local governments need some additional help or access to expertise to address these threats,” said Senator Portman. “I’m pleased the Senate Homeland Security and Governmental Affairs Committee has passed this bill to strengthen an existing relationship between the Department of Homeland Security and state and local partners to improve coordination and information sharing to help protect our IT infrastructure at all levels of government.”
“Cash-strapped state and local governments often don’t have the expertise or resources needed to identify weak points in their networks that hackers can exploit. As cybercriminals continue targeting the networks of state, local, tribal, and territorial governments – it’s critical the federal government provides them with the tools to fight back, protect sensitive information, and ensure they can continue to serve their residents,” said Senator Peters. “I’m pleased this important legislation has advanced in the Senate, and will continue working to ensure its swift passage into law to bolster our cybersecurity defenses at every level of government.”
State and local governments increasingly find themselves targeted by high-profile cyberattacks, costing taxpayers millions of dollars and threatening the data privacy of millions of Americans. A cyberattack that hit the city of Tulsa in May allowed hackers to access Social Security numbers and continues to impact the city’s entire computer system. Last year, the city of Knoxville paid hackers to unlock city computer systems, and a ransomware attack cost the city of New Orleans at least $7 million. In 2019, the Board of Commissioners from Genesee County in Michigan reported similar attacks on their network, after hackers locked their system and demanded payment for its release.
The State and Local Government Cybersecurity Act will facilitate coordination between DHS and state and local governments in several key areas. The legislation will permit the National Cybersecurity and Communications Integration Center (NCCIC) to provide state and local actors with access to improved security tools, policies, and procedures, while also encouraging collaboration for the effective implementation of those resources, including joint cybersecurity exercises. The legislation will also build on previous efforts by the Multi-State Information Sharing and Analysis Center (MS-ISAC) to prevent, protect, and respond to future cybersecurity incidents. These changes would also ensure that government officials and their staffs have access to the hardware and software products needed to bolster their cyber defenses.