The U.S. House on Wednesday voted overwhelmingly to pass legislation encouraging closer coordination between the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and state, local, tribal and territorial governments.
The State and Local Cybersecurity Act codifies a number of efforts CISA is already making with regard to state and local governments, putting into writing that the National Cybersecurity and Communications Integration Center, DHS’ main threat-analysis facility, share more of its security tools, policies, training procedures and relevant intelligence products.
Most of that sharing would be facilitated through the Multi-State Information Sharing and Analysis Center, the DHS-funded security operations center that supports state and local governments. The legislation also firms up the relationships the NCCIC has with state officials, like chief information officers and secretaries of state.
The cyber coordination bill passed the Senate in January and now heads to the White House for President Joe Biden’s signature. Senate Homeland Security Chairman Gary Peters, D-Mich., the bill’s original sponsor, called it “commonsense legislation” that will “strengthen coordination between all levels of government and give local officials…additional tools and resources to combat cyber-attacks.”
“As we’ve seen from the many recent cyberattacks, hackers with malicious intent can and do attack state and local cyber infrastructure. Sometimes, state and local governments need some additional help or access to expertise to address these threats,” Sen. Rob Portman, R-Ohio, who authored the bill with Peters, said in a press release.
According to a Congressional Budget Officer analysis last fall, the bill will not change much operationally or create any additional costs.
“DHS is already performing the coordination activities required by S. 2520; thus, the bill would codify those responsibilities but would not impose any new operating requirements on the department,” the analysis read.
The House on Wednesday also approved a bill from Rep. Andrew Garbarino, R-N.Y., authorizing CISA to provide grants to states to fund cybersecurity curriculum in K-12 schools, codifying the agency’s existing Cybersecurity Education Training Assistance Program.