A bipartisan group of Senators are interested in establishing a cybersecurity leader for each state in order to increase the states' abilities to respond to cyberattacks.
Sen. Maggie Hassan (D-NH), the lead sponsor of the bill, highlighted the wave of ransomware attacks which have crippled cities and government entities in recent months.
“Cyberattacks can be devastating for communities across our country, from ransomware attacks that can block access to school or medical records to cyberattacks that can shut down electrical grids or banking services,” Hassan said. “The federal government needs to do more to ensure that state and local entities have the resources and training that they need to prevent and respond to cyberattacks.”
The Cybersecurity State Coordinator Act proposes creating a federally-funded program that would create a cybersecurity coordinator position for each state. The program would be part of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. The placement is a logical one as CISA already works closely with state and local governments on security issues.
The 50 coordinators—CISA employees—will be responsible for working with all levels of government to prepare for, prevent, and respond to attacks. The state coordinator would act as a security risk advisor, point-of-contact, and facilitator between federal and non-federal organizations, including state and local governments, schools, and hospitals. The coordinator will also be expected to raise awareness of the financial, technical, and operational resources non-government entities can receive from the federal government.
The role would require a combination of training, advisory work, and program development as the coordinator will be expected to establish governance structures, support training exerices and incident response planning, and assist with developing and coordinating vulnerability disclosure programs consistent with federal and information security industry standards.
Having these coordinators in place for each state will help the federal government make sure that local and state entities have the appropriate training and resources to mitigate and defend against future attacks.
State, local, Tribal, and territorial entities face a growing threat from advanced persistent threat actors, hostile nation states, criminal groups, and other malicious cyber actors," the bill's text said. "There is an urgent need for greater engagement and expertise from the Federal Government to help these entities build their resilience and defenses.
Hassan was the lead sponsor of the related DHS Cyber Hunt and Incident Response Teams Act 2019, which was signed into law in December. That law created teams within the Department of Homeland Security to help private businesses, and state and local government agencies respond and recover from cyber incidents such as ransomware attacks, and rebuild their infrastructure. The act provides "assistance to asset owners and operators in restoring services following a cyber incident" and males "recommendations to asset owners and operators for improving overall network and control systems security to lower cybersecurity risks."
Hassan's state, New Hampshire, has been hit by ransomware more than once over the past few months. About 500 computers belonging to the state's Strafford County were infected, as were teacher records and school records stored by the Sunapee School District.
Sens. Gary Peters (D-Mich), John Cornyn (R-Texas), and Rob Portman (R-Ohio) are co-sponers. Hassan is currently working with members of the House of Representatives to develop a companion bill, The Hill reported.
Cybersecurity for state and local governments is just as important as federal cybersecurity, and frequently, they lack the resources, technical know-how, and situational awareness to secure their systems, or respond in the event of an attack," Portman said. The bill would "help bolster state and local governments' cybersecurity by facilitating their relationship with the federal government to ensure they know what preventative resources are available to them as well as who to turn to if an attack occurs.