Bills Call for State, White House Cybersecurity CoordinatorsState Coordinators Would Be Appointed by CISA
Under the amendment, the U.S. Cybersecurity and Infrastructure Agency, a unit of the Department of Homeland Security, would appoint the state cybersecurity coordinators, who would help respond to the increasing number of cyberthreats targeting local entities, such as municipalities and school districts.
Meanwhile in the House, the bipartisan National Cyber Director Act, introduced June 25, calls for restoring the cybersecurity director position within the White House, which was eliminated by the Trump administration. Similar legislation introduced earlier failed to advance.
The Cyberspace Solarium Commission recommended the creation of a national cyber director in its March report. Under the legislation, the director would coordinate cyber strategy and policy and act as the president's principal adviser on cybersecurity.
The amendment to the defense bill calling for funding state cybersecurity coordinators was introduced Monday by Democrats Maggie Hassan of New Hampshire and Gary Peters of Michigan and Republicans John Cornyn of Texas and Rob Portman of Ohio.
"Cybersecurity for state and local governments is just as important as federal cybersecurity, and frequently, they lack the resources, technical know-how and situational awareness to secure their systems or respond in the event of an attack," Portman says in a statement.
Proud to join my colleagues, @SenatorHassan, @JohnCornyn & @SenGaryPeters in introducing an amendment to the #FY21NDAA that would create a Cybersecurity State Coordinator position to facilitate the cybersecurity relationship between the federal govt & state & local govts.— Rob Portman (@senrobportman) June 29, 2020
Senators Hassan and Cornyn also introduced a separate defense bill amendment that would enable the National Guard to help improve cybersecurity infrastructure at the state and local level.
The House and Senate are now debating their own versions of the 2021 defense bill, according to the Hill.
The last two years have seen increases in cyberthreats, including ransomware, targeting local municipalities, hospitals and school districts. In December 2019, for example, security firm Emsisoft reported that over 960 local government agencies, educational institutions and healthcare providers sustained ransomware attacks over the course of the year.
In February, state officials asked for more federal resources to combat cyberthreats, especially in the run-up to the 2020 elections in November (see: States Press for Federal Resources to Fight Cyberthreats).
Peters, who is the ranking Democrat on the Senate's Homeland Security and Governmental Affairs Committee, says that state and local governments need clear lines of communication and an understanding of what federal resources are available so they can protect themselves from ever-evolving cyberthreats.
Under the legislative proposal, state cybersecurity coordinators would facilitate the sharing of information on cyber risks among federal and state agencies. They would also work on raising awareness of the financial and technological resources available for cybersecurity, help plan for quick recoveries from ransomware attacks and serve as the point of contact on cyber incidents affecting state, local and private organizations.
"Having one point of contact in each state working to coordinate their response to cybersecurity breaches will ensure everyone is on the same page during a crisis," Cornyn says.