A bipartisan group of House members on Wednesday introduced a bill that would authorize a new $500 million grant program within the Department of Homeland Security that incentivizes state and local governments to secure their networks.
The State and Local Cybersecurity Improvement Act (H.R. 3138) also requires potential grant recipients to develop a comprehensive plan for how the funding will be used, directs the DHS Cybersecurity and Infrastructure Security Agency (CISA) to develop a strategy to help improve the cybersecurity of state, local, tribal and territorial governments (SLTT), requires CISA to examine a potential short-term rotational employment program to enable SLTT government employees to work at CISA, and establishes an SLTT committee to advise the agency on their cybersecurity needs.
The new grant program is in response to ongoing ransomware attacks that have been hitting state and local governments, large and small.
The bill “is an essential first step to ensure our state and local governments are not left vulnerable to cyber crimes,” Rep. Andrew Garbarino, ranking member of the House Homeland Security’s Cybersecurity, Infrastructure Protection, & Innovation subcommittee, said in a statement. “This bill would empower CISA to help state and local governments shore up their cyber defense before an attack occurs, as well as establish a grant program to incentivize states to strengthen their own cybersecurity programs.”
Rep. Bennie Thompson (D-Miss.), chairman of the full committee and a bill co-sponsor, said “The harms communities face from ransomware attacks are frequently not just financial, they have led to cancelled school days, delayed medical procedures, and disruption to emergency response services. To be clear, this is a national security threat.”
A similar bill passed the House by voice vote in the last Congress.
Ransomware attacks have been elevated to a national security threat as criminal gangs use the malware to hold victims’ networks and data hostage until a ransom is paid. Late last week, pipeline operator Colonial Pipeline said its network suffered a ransomware attack, leading the company to temporarily shut down pipeline operations to ensure that the malware didn’t migrate to its operational systems.
The shutdown limited the distribution of fuel supplies along portions of the East Coast and Mid-Atlantic regions of the U.S., leading to long lines at gas stations.
Other co-sponsors of the grant legislation are Yvette Clarke (D-N.Y.), John Katko (R-N.Y.), Dutch Ruppersberger (D-Md.), Derek Kilmer (D-Wash.) and Michael McCaul (R-Texas).