The House of Representatives passed the State and Local Government Cybersecurity Act on May 17, which would promote increased cybersecurity collaboration between the Department of Homeland Security (DHS) and state, local, tribal, and territorial governments (SLTT).
Having already passed the Senate in January, the bill’s House passage means the next step is to the President’s desk for a final signature. The bill was introduced by Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, who also serve as the chair and ranking member of the Senate Homeland Security and Governmental Affairs Committee.
“As we’ve seen from the many recent cyberattacks, hackers with malicious intent can and do attack state and local cyber infrastructure,” Sen. Portman said in a statement. “Sometimes, state and local governments need some additional help or access to expertise to address these threats.”
“That’s why I’m pleased the House passed this bipartisan bill to strengthen an existing relationship between the Department of Homeland Security and state and local partners to improve coordination and information sharing to help protect our IT infrastructure at all levels of government,” Portman continued. “I urge President Biden to sign this important legislation into law quickly.”
Specifically, the bill amends the Homeland Security Act of 2002 to give DHS more latitude to use centers like the Cybersecurity and Infrastructure Security Agency’s (CISA) Multi-State Information Sharing and Analysis Center (MS-ISAC) to coordinate with SLTTs upon request.
The bill would allow DHS centers like the MS-ISAC to conduct exercises with SLTT entities, provide operational and technical cybersecurity training to address cyber risks or incidents with or without reimbursement, and provide operational and technical assistance to SLTT entities to implement information security tools, resources, and procedures.
“For hackers, state and local governments are an attractive target — we must increase support to these entities so that they can strengthen their systems and better defend themselves from harmful cyber-attacks,” Rep. Joe Neguse, D-Colo. – who introduced the companion legislation in the House – said in a statement.
In addition to authorizing other coordination activities, the bill also requires DHS to submit a report on the services and capabilities DHS either directly or indirectly provides to SLTTs one year after the bill is enacted and every two years afterward.