House cybersecurity chair plans to reintroduce state and local grant proposal

Rep. Yvette Clarke, the chairwoman of the House Homeland Security Committee’s cybersecurity panel, said Wednesday she will soon reintroduce legislation that would create a robust annual grant program supporting state and local governments.

Speaking during an online event hosted by the Cybersecurity Coalition, a nonprofit group, Clarke, D-N.Y., said she plans to bring up a new version of the State and Local Cybersecurity Improvement Act, which passed the House last year with large bipartisan support but did not get a vote in the Senate.

“Improving the baseline of our cybersecurity posture across infrastructure sectors is crucial to ensuring the continuity of operations, of effective industry, and the freeing of cyber talent to defend against more sophisticated threats,” Clarke said.

She said she wants to introduce the a new version of the bill with $500 million in grants, up from the $400 million that was approved by the House last year. Clarke also told the event she’d like to see cybersecurity and IT modernization funds included in President Joe Biden’s $2 trillion infrastructure package, saying she’d like to see security “baked into” infrastructure projects rather than being “tacked on” later. Most of the tech-specific funding in Biden’s plan is tailored for broadband, though state and local technology officials have long pleaded with the federal government for more resources to help them fight pervasive threats like ransomware.

A spokesperson for House Homeland Security Republicans told StateScoop the grants will likely be a bipartisan effort again.

“Ranking Member [John] Katko was pleased to be the lead House Republican on this effort last year, and anticipates continuing his strong support for SLTT cyber funding this Congress as well,” the spokesperson said.

The National Association of State Chief Information Officers, which named federal cybersecurity grants as one of its top legislative priorities this year, said it would wait to see the legislation before commenting.

Clarke’s office said details of a new version of the grant bill are still being finalized and that she also hopes that it will draw bipartisan favor. Her comments on the infrastructure package echoed those by former Cybersecurity and Infrastructure Security Agency Director Chris Krebs, who said at a separate event Wednesday that the administration should include IT modernization and cybersecurity aid for states in any infrastructure plan.

“I really think that it is well past time for a 21st-century ‘digital infrastructure investment act,’ where we provide the equivalent of block grants to state and local [government] where they can modernize their IT infrastructure,” he said during a discussion hosted by the Center for Strategic and International Studies.

Krebs also said that while much of CISA’s focus during his time there was trained on foreign governments’ malicious activities, he “was seeing was American communities functionally disrupted by ransomware on a daily basis.”