Bipartisan legislation seeks new state, local government-focused cybersecurity grant program at DHS

Seven U.S. representatives introduced the State and Local Cybersecurity Improvement Act this week, which seeks to authorize a new Department of Homeland Security (DHS) grant program to fund local and state cybersecurity efforts.

In all, the program would benefit from $500 million in funding to be used as incentives for other agencies to increase their own cybersecurity funding. The legislation would also require developing a strategy to improve cybersecurity at the state, local, tribal and territorial levels. It was introduced by U.S. Reps. Yvette Clarke (D-NY), Andrew Garbarino (R-NY), John Katko (R-NY), Derek Kilmer (D-WA), Michael McCaul (R-TX), Dutch Ruppersberger (D-MD), and Bennie Thompson (D-MS).

Plans would likewise be required to guide the use of grant dollars, while a State and Local Cybersecurity Resiliency Committee would be empowered to transmit governments’ specific needs to the Cybersecurity and Infrastructure Security Agency (CISA) at DHS. That federal agency would also have to assess the potential for a short-term rotational program for approved state, local, tribal and territorial government employees to acquire cyber workforce positions at CISA.

“In the decade since I first Chaired the cybersecurity subcommittee, the number of cases and the financial impact of ransomware have skyrocketed,” said Clarke, chair of the Homeland Security Committee’s Cybersecurity, Infrastructure Protection, & Innovation Subcommittee. “These attacks are more than a mere inconvenience – they are a national security threat. That is why I introduced the State and Local Cybersecurity Improvement Act, which would authorize $500 million in annual grants to state, local, Tribal, and Territorial governments to strengthen their cybersecurity while insisting they step up to prioritize cybersecurity in their own budgets.”

As the world and its various sectors have become ever-more digitally reliant, state and local governments have become easier targets for cyberattacks, and the government reports that their frequency is increasing. Last year alone, ransomware attacks crippled organizations such as the New Mexico Public Regulation Commission, a county library system in California, and police departments in North Miami Beach, Fla., and Trenton, N.J., among others. Even now, the United States is dealing with the effects of a massive ransomware on the Colonial Pipeline.

“These attacks are an imminent and existential threat to our national security, and we must do everything we can to prevent their continued occurrence,” said Garbarino, ranking member of the Homeland Security Committee’s Cybersecurity, Infrastructure Protection, & Innovation Subcommittee. “The State and Local Cybersecurity Improvement Act is an essential first step to ensure our state and local governments are not left vulnerable to cyber-crimes. This bill would empower CISA to help state and local governments shore up their cyber defense before an attack occurs, as well as establish a grant program to incentivize states to strengthen their own cybersecurity programs. We cannot wait any longer to invest in systems and protocols that will improve our cybersecurity.”