06.22.22

Three Peters Bills to Strengthen State and Local Cybersecurity, Bolster Cyber Workforce, and Secure Federal Supply Chains Signed into Law

WASHINGTON, D.C. – The President has signed into law three bipartisan bills authored by U.S. Senator Gary Peters (MI), Chairman of the Senate Homeland Security and Governmental Affairs Committee, to significantly strengthen our nation’s cybersecurity. The new laws will increase cybersecurity coordination between the federal government and state and local governments, bolster the federal cybersecurity workforce, and secure federal information technology supply chains against threats.

“Increasingly complicated cyber-attacks on everything from state and local networks to federal information technology systems show why our nation must have adequate resources and qualified personnel to defend against criminal hackers and foreign adversaries for years to come,” said Senator Peters. “These new laws will bolster cybersecurity at every level of government, and ensure we are prepared to prevent cyber-attacks that continue to disrupt lives and livelihoods, and threaten our national security.”

Michigan’s Chief Security Officer has estimated that criminal hackers try to break into the state’s networks more than 90 million times a day – though they are usually stopped. Peters’ State and Local Government Cybersecurity Act facilitates coordination between the Department of Homeland Security and state and local governments in several key areas. The legislation requires the Cybersecurity and Infrastructure Security Agency (CISA) to provide state and local actors with access to improved security tools, policies and procedures, while also encouraging collaboration for the effective implementation of those resources, including joint cybersecurity exercises. The legislation also builds on previous efforts by the Multi-State Information Sharing and Analysis Center (MS-ISAC) to prevent, protect, and respond to future cybersecurity incidents. These changes ensure that government officials and their staffs have access to the hardware and software products needed to bolster their cybersecurity defenses.

Government agencies often cannot compete with the salaries and other benefits offered by tech giants in Silicon Valley, but they provide valuable opportunities to serve the country and defend our cyber front lines. Peters’ Federal Rotational Cyber Workforce Program Act creates a civilian personnel rotation program for cybersecurity professionals at federal agencies. This program enables employees to spend time working at different government agencies, allowing them to gain experience beyond their primary assignment and expand their professional networks. The legislation provides opportunities to help attract and retain cybersecurity experts in the federal government by offering civilian employees opportunities to enhance their careers, broaden their professional experience, and foster collaborative networks by experiencing and contributing to the cybersecurity mission beyond their home agencies.

Peters’ Supply Chain Security Training Act directs the General Services Administration (GSA), in coordination with the Department of Homeland Security (DHS), Department of Defense (DOD) and the Office of Management and Budget (OMB), to create a supply chain security training program for federal officials with supply chain risk management responsibilities. The bill also requires the Office of Management and Budget (OMB) to develop guidance for federal agencies to adopt and use the training program and how to select officials to participate in the training.

As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to enhance our nation’s cybersecurity. His historic, bipartisan bill to require critical infrastructure owners and operators to report to CISA if they experience a substantial cyber-attack or if they make a ransomware payment was signed into law as a part of the recent government funding legislation. Peters’ bipartisan bill to enhance cybersecurity assistance to K-12 educational institutions across the country was also signed into law. Additionally, Peters secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $100 million fund to help victims of a serious attack recover quickly. Peters has also authored and passed significant reforms out of the Senate to require civilian federal agencies to report to CISA if they experience a cyber-attack and ensure federal agencies can quickly and securely adopt cloud-based technologies that improve government operations and efficiency.

###