Bill to help local governments thwart cyberthreats signed into law

A provision to encourage local governments to adopt the .gov domain for websites and email accounts was signed into law as a part of the year-end omnibus funding bill.

The provision was originally introduced as the DOTGOV Online Trust in Government Act. It directs the Department of Homeland of Security (DHS) to provide resources and assistance to local governments to adopt .gov web addresses. The bill was introduced by Sens. Gary Peters (D-MI), Ron Johnson (R-WI), Amy Klobuchar (D-MN), and James Lankford (R-OK).

While federal and state government agencies typically use the .gov domain, it is not widely used for local government entities. This trusted domain increases resilience to hackers that target local government systems.

“Michiganders and Americans need to be able to trust that information they are seeking from or sharing with local governments is secure and reliable, especially as more folks are counting on state and local government assistance during these trying times,” Peters said. “I am thrilled this bipartisan legislation that will help Michigan’s city and county governments protect the public from harmful online attacks was signed into law.”

Specifically, the DOTGOV Online Trust in Government Act directs the Cybersecurity and Infrastructure Security Agency (CISA), a component of DHS, to work with local governments to help them transition to .gov domains. It also directs DHS to develop an outreach strategy and resources to help local government offices take advantage of .gov security features. Further, the changes are an allowable expense under the DHS Homeland Security Grant Program.

“Americans often search the internet to find credible and factual sources for basic data, especially on official government sites,” Lankford said. “This is a simple, straightforward change will help people discern official websites from unofficial websites by allowing the .gov domain to only be used by city, state, county, or Tribal governments. This small fix will assist people searching the web to quickly discern reliable government sources.”

Because many county and local governments do not use the .gov domain, cybercriminals have an opportunity to create fake local government websites and email addresses and use them to trick individuals and small businesses into sharing information.

“It is vital for Americans to know that they’re accessing trusted and secure information from the government. The .gov domain helps do that,” Klobuchar said. “Unfortunately, right now, many state, tribal and local governments don’t use the .gov domains, allowing cybercriminals to easily impersonate government officials. Our bipartisan bill will improve our nation’s cybersecurity by providing support services, security enhancements, and dedicated outreach to help local governments adopt the .gov domain.”