Portman, Peters Bipartisan Legislation to Strengthen Cybersecurity Coordination with State and Local Governments Signed into Law

WASHINGTON, DC – U.S. Senators Rob Portman (R-OH) and Gary Peters (D-MI), Ranking Member and Chairman of the Homeland Security and Governmental Affairs Committee, announced their bipartisan State and Local Government Cybersecurity Act to promote stronger cybersecurity coordination between the Department of Homeland Security (DHS) and state and local governments has been signed into law. This bipartisan law requires federal cybersecurity experts to share information regarding cybersecurity threats and vulnerabilities, as well as resources to prevent and recover from cyberattacks, with states and localities who are increasingly targeted by bad actors. The bipartisan law passed the Senate earlier this year.

“I’m proud that our bipartisan State and Local Government Cybersecurity Act has been signed into law because as we’ve seen from the many recent cyberattacks, hackers with malicious intent can and do attack state and local cyber infrastructure,” said Senator Portman. “This bipartisan law will strengthen an existing relationship between the Department of Homeland Security and state and local partners to improve coordination and information sharing to help protect our IT infrastructure at all levels of government.”

“Cybercriminals and other bad actors continue to target state and local networks to disrupt our lives and livelihoods. These malicious attacks, which can infiltrate public utilities and compromise personal sensitive information like credit card and Social Security Numbers, pose a serious threat to our economic and national security,” said Senator Peters. “I applaud President Biden for signing this critical legislation into law to require better information sharing between the federal government and state and local governments to help protect our most essential networks.”

State and local governments increasingly find themselves targeted by high-profile cyber-attacks, costing taxpayers millions of dollars and threatening the data privacy of millions of Americans. A cyber-attack that hit the city of Tulsa last May exposed residents’ Social Security numbers. In recent years, the city of Florence, Alabama paid hackers to unlock city computer systems, and a ransomware attack cost the city of New Orleans millions of dollars. In 2019, the Board of Commissioners from Genesee County in Michigan reported similar attacks on their network, after hackers locked their system and demanded payment for its release.

The State and Local Government Cybersecurity Act facilitates coordination between DHS and state and local governments in several key areas. The legislation requires the Cybersecurity and Infrastructure Security Agency to provide state and local actors with access to improved security tools, policies and procedures, while also encouraging collaboration for the effective implementation of those resources, including joint cybersecurity exercises. The legislation also builds on previous efforts by the Multi-State Information Sharing and Analysis Center (MS-ISAC) to prevent, protect, and respond to future cybersecurity incidents. These changes ensure that government officials and their staffs have access to the hardware and software products needed to bolster their cyber defenses.