The just-introduced bipartisan bill would send the money to state and local governments through the Department of Homeland Security, which would also create a new federal strategy for cybersecurity.
With state and local governments beset by a precipitous rise in cyberattacks, new federal legislation might provide some necessary cover where needed.
The State and Local Cybersecurity Improvement Act would create a grant program worth $400 million to finance cybersecurity efforts in communities across the country, according to a release. Eligible communities would be able to apply for funds, provided through the Department of Homeland Security, which would be allocated to assist in areas like vulnerability scanning and testing, cyberworkforce development and intelligence sharing, according to the bill text.
The bill would also require DHS' Cybersecurity and Infrastructure Security Agency (CISA) to develop an overall strategy to improve the cybersecurity posture of those communities. Communities would also be obligated to create their own cybersecurity plans, illustrating how monies would be spent in service of those goals.
The law would also establish a State and Local Cybersecurity Resiliency Committee, giving state and local communities a venue to communicate their security needs to CISA.
The legislation, which was introduced by a group of bipartisan representatives associated with the House Committee on Homeland Security, offers a potential workaround for cash-strapped municipalities looking to bolster their security budgets.
One of the sponsors of the bill, Cedric Richmond, a Louisiana representative and chair of the Homeland Security Committee’s Cybersecurity, Infrastructure Protection and Innovation Subcommittee, explained in a statement his support for the legislation.
“Louisiana has long been vulnerable to cyberattacks, and this bill offers the resources needed to ensure protection against potential threats," said Richmond. "I’m proud to introduce this comprehensive measure to give Louisiana and other states across the country the proper framework they need to implement vital cybersecurity plans.”