3500 Lacey Road, Suite 100
Downers Grove, IL 60515
Earlier this month, bipartisan legislation was introduced in both the U.S. Senate and the U.S. House of Representatives to help state, local and tribal governments more effectively counter cyber-threats.
The State Cyber Resiliency Act would create a cybersecurity grant program, managed by the Department of Homeland Security’s Federal Emergency Management Agency, aimed at supporting states in the development and implementation of cyber-resiliency plans. The bill seeks to support robust planning to mitigate and respond to cyber-attacks by supporting state efforts to identify and detect vulnerabilities and respond to and recover from cyber-breaches.
Notably, the State Cyber Resiliency Act also includes provisions to encourage states in invest in the cybersecurity workforce. In particular, the legislation:
In unveiling this legislation, the bill sponsors highlighted a 2015 Ponemon Institute study that found 50 percent of state and local governments faced six to 25 cyber-breaches in the past 24 months. Additionally, in the past year, Russian hackers have breached more than 200,000 personal voter records in Illinois and Arizona. Lawmakers also observed that 80 percent of states lack funding to develop sufficient cybersecurity and most states currently use less than two percent of their IT budget on cybersecurity.
Introduced in the Senate by Cybersecurity Caucus Co-Chairs Cory Gardner, R-Colo., and Mark Warner, D-Va., the legislation has been referred to the Senate Committee on Homeland Security and Governmental Affairs.
The House bill, introduced by House Science, Space, and Technology Subcommittee on Research and Technology Chairman Barbara Comstock, D-Va., and New Democrat Coalition Cybersecurity Task Force Co-Chair Derek Kilmer, D-Wash., will now be considered by the House Committee on Homeland Security and the House Committee on Transportation and Infrastructure.
In the past, the House Science, Space and Technology Committee has considered similar legislation seeking to strengthen the cyber-workforce. An earlier draft bill would authorize the National Science Foundation to create the National Cyber College Grant Program to provide funding to state colleges and universities for the development and teaching of cybersecurity curricula and other cyber-research. It is possible elements of this bill could be added to the State Cyber Resiliency Act as the legislative process moves forward.