Grant program would support state, local cybersecurity

Citing studies that indicate states and local governments are vulnerable to cyber intrusions and other threats, a group of lawmakers from both parties and both houses of Congress introduced a bill that would give those entities more help.

Reps. Derek Kilmer (D-Wash.) and Barbara Comstock (R-Va.), along with Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.), introduced the State Cyber Resiliency Act to help state, local, and tribal governments with growing cyber threats.

Those governments, said the group in a March 2 statement, typically devote less than two percent of their IT budget to cybersecurity.

The group cited studies that showed in 2015, 50 percent of state and local governments had six or more cyber breaches within the last two years.

They also noted that in the past year hackers had breached more than 200,000 personal voter records in the states of Arizona and Illinois.

In the wake of those election-system breaches, the Department of Homeland Security declared state voting infrastructure as critical infrastructure. Some states have called that designation a federal overreach and have said they have their own capabilities in place to detect or prevent intrusions.

The proposed legislation, said the lawmakers, would set up a cybersecurity grant program that would provide resources for states to develop and implement effective cyber resiliency plans, including efforts to identify, detect, protect, respond, and recover from cyber threats. It also would encourage development of a stronger cybersecurity workforce.