A bipartisan group of U.S. senators on Monday proposed an amendment to the upcoming National Defense Authorization Act that would give each state a federally funded “cybersecurity coordinator” to manage the information-security relationships between the federal government, states and their localities.
The amendment, from Sens. Maggie Hassan, D-N.H., John Cornyn, R-Texas, Rob Portman, R-Ohio, and Gary Peters, D-Mich., borrows language from a similar bill the same quartet proposed in January and got passed in March by the Senate Homeland Security Committee.
“Cyberattacks can cause enormous disruption at any time, but they can be particularly devastating during a public health crisis,” Hassan said in a press release.
Under the bill introduced earlier this year, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency would hire a coordinator for each state. Coordinators would act as risk advisers, supporting training exercises for state and local government officials on a variety of online threats, like ransomware, and serve as the federal government’s main point of contact with state and local entities during cyberattacks.
There is an existing field staff at CISA, with protective security advisers and 10 regional offices scattered around the country to protect critical infrastructure and act as liaisons to state and local entities with regard to CISA’s broader mission. The amendment is meant to give each state a federal adviser wholly dedicated to cybersecurity issues.
“Having one point of contact in each state working to coordinate their response to cybersecurity breaches will ensure everyone is on the same page during a crisis,” Cornyn said.
Separately, Hassan and Cornyn introduced an amendment to the NDAA that would expand the National Guard’s role in helping their states respond to cyberattacks, reflecting a growing role for Guard units around the country.
The NDAA, an annual “must-pass” bill that funds the United States’ entire defense posture, has been eyed by other legislators as a potential vehicle for expanding federal support to state and local cybersecurity efforts. Last month, Rep. John Katko, R-N.Y., said he was considering trying to add language to the defense bill from the State and Local Cybersecurity Improvement Act, a bill that would create an annual $400 million grant program.