11.22.19

Senate Passes Peters Bill to Strengthen Cybersecurity Coordination with State and Local Governments

DETROIT, MI – The U.S. Senate unanimously approved bipartisan legislation introduced by U.S. Senators Gary Peters (D-MI), Ranking Member of the Homeland Security and Governmental Affairs Committee, and Rob Portman (R-OH), to promote stronger cybersecurity coordination between the Department of Homeland Security (DHS) and state and local governments. The State and Local Government Cybersecurity Act would encourage national cybersecurity watchdogs to share information regarding cybersecurity threats, vulnerabilities, and breaches as well as resources to prevent and recover from cyber-attacks with states and localities who are increasingly targeted by bad actors.

“State and local governments with limited resources and cybersecurity expertise can struggle to secure their systems against malicious hackers that could expose their constituents’ personal data,” said Senator Peters. “I’m pleased the Senate passed my bipartisan bill that will help ensure all levels of government can bolster their defenses and protect themselves from sophisticated cyber-attacks.”

State and local governments increasingly find themselves targeted by high-profile cyber-attacks, costing taxpayers millions of dollars and threatening the data privacy of millions of Americans. State and local governments are an attractive target because they possess a broad array of information about their citizens but often do not have the tools to adequately safeguard their systems. Financial constraints, limited resources and outdated equipment can all hinder local governments’ efforts to safeguard the personal data they collect. In recent years, hackers have successfully breached cybersecurity defenses in Atlanta, Colorado, Baltimore and Louisiana. In 2016, the city of Lansing was forced to pay a $25,000 ransom to unlock its accounting and communications systems after a utility worker fell victim to a ransomware attack. Lansing taxpayers were also forced to spend hundreds of thousands of dollars to hire a cyber-emergency response team to restore its systems. Earlier this year, the Board of Commissioners from Genesee County reported a similar attack on their network, after hackers locked their system and demanded payment for its release.

The State and Local Government Cybersecurity Act would facilitate coordination between DHS and state and local governments in several key areas. The legislation would permit the National Cybersecurity and Communications Integration Center (NCCIC) to provide state and local actors with access to improved security tools, policies and procedures, while also encouraging collaboration for the effective implementation of those resources, including joint cybersecurity exercises. The legislation would also build on previous efforts by the Multi-State Information Sharing and Analysis Center (MS-ISAC) to prevent, protect, and respond to future cybersecurity incidents. These changes would also ensure that government officials and their staffs have access to the hardware and software products needed to bolster their cyber defenses.

Below are statements in support of the Senators’ legislation:

“Every day our state and local government networks experience millions of intrusion attempts by those looking to do harm,” said Chris DeRusha, Chief Security Officer for the State of Michigan. “This bill will help the state of Michigan access resources, tools and expertise developed by Federal government and national cybersecurity experts, which will enhance the security of the information Michiganders have entrusted us to keep safe.”

“This cooperation with federal, state, and local agencies will advance our abilities to fight off cyber threats,” said Mark A. Hackel, Macomb County Executive. “In Macomb County, we have been working diligently with our academic partners to train the next generation cybersecurity professional to stay ahead of vulnerabilities and cyber breaches. This next step in collaboration will ensure that knowledge-sharing occurs at all levels of government and is key to our defense against attacks."

“The Center for Internet Security commends Senators Peters and Portman for introducing the State and Local Government Cybersecurity Act of 2019. This important legislation will help to enhance the cybersecurity infrastructure of U.S. state, local, tribal, and territorial governments, which is consistently reported as their least proficient capability,” said John Gilligan, Center for Internet Security, Inc. (CIS®) CIS President and CEO.  “We also applaud DHS’ continued leadership role in improving our country’s cybersecurity.”

###