Senators introduce bill to create state cyber coordinators at DHS

Lawmakers said the legislation was crafted following conversations with local officials who have expressed a desire for more federal support.

cybersecurity in cities (shutterstock.com)
 

A bipartisan group of senators have introduced legislation that would create new cybersecurity coordinator positions within the Department of Homeland Security for each state.

The bill, sponsored by Sens. Maggie Hassan (D-N.H.), Rob Portman (R-Ohio), Gary Peters (D-Mich.) and John Cornyn (R-Texas), would require the director of the Cybersecurity and Infrastructure Security Agency to designate officials from within the agency to serve as the principal federal point of contact for state and local officials on cybersecurity matters.

Each coordinator would be responsible for a range of duties related to their state, including building strategic relationships with state and local governments, serving as the principal information security risk advisor, supporting response and remediation efforts to ongoing cyber risks and incidents, facilitating information sharing, assisting with continuity of operations planning, assisting with coordinated vulnerability disclosure and other duties.

The findings section of the bill also mentions congressional concerns about threats from ransomware, advanced persistent threat hacking groups, and the need for greater engagement from the federal government to help build resiliency of other entities. In a statement, Hassan said the legislation was in part born out of past conversations with local officials who have expressed a desire for more federal support.

"When New Hampshire’s Strafford County and Sunapee School District were hit by ransomware attacks this past year, officials had systems in place to mitigate damage," Hassan said. "But as they made clear to me, the federal government needs to do more to ensure that state and local entities have the resources and training that they need to prevent and respond to cyberattacks."

The director of CISA would also be required to brief the House and Senate Homeland Security Committees a year after the bill's passage on how effective the coordinators have been.

State and local governments have been hammered by ransomware attacks over the past year, forced between having their data wiped and paying a hefty ransom that still doesn’t guarantee the attackers will unlock their computers and systems. CISA has been at the forefront of those warnings and launched a program last year focused on protecting voter registration databases and other election infrastructure from ransomware, according to Reuters.