Connecting state and local government leaders
A bipartisan group of House lawmakers introduced a bill this week that would create a grant program to bolster cyber defenses across the U.S.
Cybersecurity attacks on local governments have caused schools to cancel classes, nearly poisoned water at a water treatment plant, and enabled hackers to leak internal police files on officers working in the nation’s capital.
Now a bipartisan group of House lawmakers wants to provide state and local governments additional aid to help them protect their computer systems and data from such damaging intrusions. A group of seven lawmakers introduced legislation Wednesday that would establish a $500 million grant program that enables state and local governments to increase their cybersecurity budgets.
State and local governments applying for a grant under the program would be asked to develop a comprehensive cybersecurity plan, outlining how federal funding would be used and to ensure they meet certain cybersecurity standards. The bill would also task the Cybersecurity and Infrastructure Security Agency with developing a strategy to improve cybersecurity at the state and local level. The strategy document could be used to set a baseline for state and local cybersecurity efforts and to identify other federal resources that could be leveraged for support.
“As we are painfully learning in cities across America, hackers are taking advantage of under-resourced IT departments at the state and local level that are competing with every other community need – crime, water systems, schools – for funds,” said Rep. Dutch Ruppersberger, a Maryland Democrat who was among the seven sponsors of the bill. “This grant program will leverage federal cyber expertise and enable our states and governments to better protect themselves against these sophisticated attacks.”
The grant program is necessary to fortify state and local governments, which have increasingly faced cyberattacks, against such devastating attacks, said Rep. Yvette Clarke, the chairwoman of the Homeland Security Committee’s Cybersecurity, Infrastructure Protection, and Innovation Subcommittee.
“These attacks are more than a mere inconvenience – they are a national security threat,” the New York Democrat said.
Maintaining consistent and direct funding for cybersecurity is a challenge at the state level, with only 36% of states reporting that they have a dedicated cybersecurity budget, according to a 2020 survey from the National Association of State Chief Information Officers. Although nearly three-quarters of surveyed information officers listed ransomware among their top concerns, 56% said they are not very confident in the cybersecurity practices of their local governments.
The introduction of the bill comes as the reverberations of the ransomware attack on the Colonial Pipeline continued to be felt across the East Coast. Although gas began flowing through the pipeline again on Wednesday, many people feared a gas shortage and made a run on gas stations that led many to run dry of fuel.
Citing the Colonial Pipeline incident and other recent cyberattacks, President Biden issued an executive order this week that he said would help to better protect federal government networks. The order requires agencies to adopt multifactor authentication and encryption for data at rest and in transit, deploy endpoint detection response capabilities, as well as to adopt other cyber defenses.
Andrea Noble is a staff correspondent with Route Fifty.