State And Local Cybersecurity Improvement Act Gains Momentum in Senate
Table of Contents
- By Dawna M. Roberts
- Published: Oct 28, 2021
- Last Updated: Nov 23, 2023
The Cybersecurity Subcommittee in Congress is pushing for a legislative mandate for companies to promptly report cases of data breaches. With ransomware attacks targeting state and local government agencies on the rise, the bill is just a Senate vote away from being passed into law.
What is the State and Local Cybersecurity Improvement Act?
Having been passed in the House of Representatives on September 30, the State and Local Cybersecurity Improvement Act will provide $500 million in grants through the Department of Homeland Security every year from 2021 to 2025. This funding will help state and local governments improve their cybersecurity posture and encourage investment in cybersecurity tools. It is currently with the Senate Homeland Security and Governmental Affairs Committee, where it will be debated extensively and voted on.
Ahead of the debate and vote, a different bill passed the Senate Homeland Security and Governmental Affairs Committee. This separate bill requires companies to report cybersecurity issues to the Cybersecurity and Infrastructure Security Agency (CISA) within 72 hours. Another bill by the Senate Select Committee on Intelligence requires that the report should not exceed 24 hours. These actions by various senate committees show that the State and Local Cybersecurity Improvement Act is gaining momentum in the Senate.
Why is the Bill Necessary?
The State and Local Cybersecurity Improvement Act will help state and local governments defend their networks against increased cyberattacks. Cybersecurity is a relatively new endeavor for governments in the United States, but with the increase in cyberattacks, additional funds are being set aside to help combat this new threat. The bill will provide needed funding for state and local governments to improve existing cybersecurity measures and develop next-generation countermeasures as well.
Partially because of the pandemic, many companies now encourage a more flexible work schedule and offer remote work opportunities. The increase in internet reliance has increased the likelihood of cyberattacks, and because of remote workplaces' lack of oversight, security measures are not being followed.
With these problems, developing a comprehensive package that will increase cybersecurity tools and prevent any potential cyberattack is very important. The bipartisan bill provides the foundation for improving the cybersecurity of state, local, tribal, and territorial governments.
What are the key requirements?
To receive funding through this initiative, state and local governments must be ready to implement strategic cybersecurity plans. This will ensure that the grant is used judiciously and for the intended purpose.
In addition to this, other requirements that must be met includes:
- A cost-share arrangement that requires states to increase their respective budgets on cybersecurity.
- State and local governments must provide a full report to the CISA regarding what cybersecurity tools they need.
- CISA will develop a strategy and identify federal resources that will help state and local governments with cybersecurity.
- CISA will assist in implementing a short-term rotational program for approved government employees in cyber workforce positions.
How this Legislation Affects American Citizens
With this new legislation, every organization will be prepared to detect and defend itself against any potential cyberattack. American citizens will in turn enjoy promising long-term benefits like:
- Improved data privacy: State and local networks are home to millions of private and personal data. To keep this information safe, it is important to take necessary security measures. If companies take advantage of this bill, private and personal information will remain safe and secure.
- Trust in the system: Every American expects that state and local governments will keep their personal information safe. The bill will improve cybersecurity measures that will make networks impenetrable for cybercriminals.
- It will save money: In May 2019, cybercriminals breached and seized parts of Baltimore's government network. The cyberattack costs more than $7 million to resolve. With enough cybersecurity tools in place, government networks will be ready to repel any form of cyberattack. Hackers will no longer hold governments' ransom as they did in the Baltimore breach.