WASHINGTON, DC – Legislation authored by U.S. Senator Gary Peters (MI), Chairman of the Homeland Security and Governmental Affairs Committee, to promote stronger cybersecurity coordination between the Department of Homeland Security (DHS) and state and local governments has passed the House. The bipartisan State and Local Government Cybersecurity Act would require federal cybersecurity experts to share information regarding cybersecurity threats, vulnerabilities, and breaches, as well as resources to prevent and recover from cyber-attacks, with states and localities who are increasingly targeted by bad actors. The bill has already passed the Senate and now heads to President Biden’s desk to be signed into law.
“State and local governments in Michigan and across the nation continue to be targeted by cybercriminals and other malicious actors. These attacks can prevent access to essential services, compromise sensitive and personal information, and disrupt our daily lives and livelihoods,” said Senator Peters. “This commonsense legislation will strengthen coordination between all levels of government and give local officials in Michigan and across the country additional tools and resources to combat cyber-attacks. I look forward to seeing the President sign this bipartisan bill into law.”
State and local governments increasingly find themselves targeted by high-profile cyber-attacks, costing taxpayers millions of dollars and threatening the data privacy of millions of Americans. Michigan’s Chief Security Officer has estimated that criminal hackers try to break into the state’s networks more than 90 million times a day – though they are usually stopped. In 2019, the Board of Commissioners from Genesee County in Michigan reported similar attacks on their network, after hackers locked their system and demanded payment for its release. A cyber-attack that hit the city of Tulsa last May exposed residents’ Social Security numbers. In recent years, the city of Florence, Alabama paid hackers to unlock city computer systems, and a ransomware attack cost the city of New Orleans millions of dollars.
The State and Local Government Cybersecurity Act would facilitate coordination between DHS and state and local governments in several key areas. The legislation would require the Cybersecurity and Infrastructure Security Agency (CISA) to provide state and local actors with access to improved security tools, policies and procedures, while also encouraging collaboration for the effective implementation of those resources, including joint cybersecurity exercises. The legislation would also build on previous efforts by the Multi-State Information Sharing and Analysis Center (MS-ISAC) to prevent, protect, and respond to future cybersecurity incidents. These changes would also ensure that government officials and their staffs have access to the hardware and software products needed to bolster their cyber defenses.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to enhance our nation’s cybersecurity. His historic, bipartisan bill to require critical infrastructure owners and operators to report to CISA if they experience a substantial cyber-attack or if they make a ransomware payment was signed into law as a part of the recent government funding legislation. Peters’ bipartisan bill to enhance cybersecurity assistance to K-12 educational institutions across the country was also signed into law. Additionally, Senator Peters secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $100 million fund to help victims of a serious attack recover quickly. Peters has also authored and passed significant reforms out of the Senate to require civilian federal agencies to report to CISA if they experience a cyber-attack and ensure federal agencies can quickly and securely adopt cloud-based technologies that improve government operations and efficiency.