Provisions Would Bolster State and Local Cyber Defenses and Improve Federal Response to Major Network Breaches
WASHINGTON, D.C. – Provisions secured by U.S. Senator Gary Peters (MI), Chairman of the Homeland Security and Governmental Affairs Committee, to bolster our nation’s cyber defenses have passed the Senate as a part of a bipartisan bill that would significantly upgrade our nation’s infrastructure. The provisions would provide $1 billion to help state, local, tribal, and territorial governments deter attacks from cybercriminals and modernize systems to protect sensitive data and information, as well as $100 million to increase our government’s ability to quickly respond to major network intrusions. An additional provision Peters helped to include would provide the newly created office of the National Cyber Director (NCD) with $21 million to secure qualified personnel to support its important cybersecurity mission.
“Recent and harmful cyber-attacks against state, local, tribal and territorial governments, who often lack the resources to defend their networks, as well as critical infrastructure and the federal government are unacceptable. These attacks pose a serious threat to our national and economic security, and they must be stopped with a comprehensive approach from the federal government,” said Senator Peters. “These provisions will help strengthen cybersecurity at every level of government, protect sensitive personal information, and strengthen our response to online assaults by providing the federal government and other public and private entities, such as critical infrastructure companies, with the resources to prevent and recover from attacks. I look forward to seeing these important provisions signed into law and will continue my efforts to continue strengthening our nation’s cyber defenses.”
State and local governments increasingly find themselves targeted by high-profile cyber-attacks, costing taxpayers millions of dollars and threatening the data privacy of millions of Americans. A cyber-attack that hit the city of Tulsa in May allowed hackers to access Social Security numbers and continues to impact the city’s entire computer system. In 2019, the Board of Commissioners from Genesee County in Michigan reported similar attacks on their network, after hackers locked their system and demanded payment for its release. As a part of the bipartisan infrastructure package, Peters secured $1billion over four years for a fund, managed by the Department of Homeland Security (DHS), to support efforts by state, local, tribal, and territorial government to improve cybersecurity needs by securing their networks, assessing their cybersecurity vulnerabilities, and building up their cybersecurity workforce.
An additional provision secured by Peters, based on the Cyber Response and Recovery Act, would create an authority for the Secretary of Homeland Security, in consultation with the National Cyber Director, to declare a Significant Incident in the event of an ongoing or imminent attack that would impact national security, economic security, or government operations. This declaration would empower the Cybersecurity and Infrastructure Security Agency (CISA) to coordinate federal and non-federal response efforts, and allow the Secretary access to a Cyber Response and Recovery Fund that would help support federal and non-federal entities impacted by the event. The provision would authorize $100 million over five years for the fund and would require DHS to report to Congress on its use. Recent cyber-attacks against critical infrastructure companies, such as the network breach of a major oil pipeline, highlighted the urgent need to secure these systems from foreign adversaries and criminal organizations who are relentless in their pursuit to exploit vulnerabilities and infiltrate networks.
Peters also helped to include $21 million to help ensure the newly created Office of the NCD will be able to quickly secure qualified personnel to support its important cybersecurity mission. The NCD is a brand new position tasked with coordinating the implementation of national cybersecurity policy and strategy. Peters led the charge to create the National Cyber Director position and confirm its first leader, Chris Inglis.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to increase our nation’s cybersecurity defenses. Peters convened a hearing with the Chief Executive Officer of Colonial Pipeline to examine a recent ransomware attack against the company. Peters is also conducting an investigation into the role cryptocurrencies continue to play in emboldening and incentivizing cybercriminals to commit ransomware attacks. In April, the Senate also passed his provision to help protect our nation’s public water infrastructure technology systems, following recent cyber-attacks on water utilities. Peters’ legislation to promote stronger cybersecurity coordination between DHS and state and local governments has advanced in the Senate.