Bipartisan lawmakers in both chambers have proposed local, state and tribal grants to boost cybersecurity.
Reps. Barbara Comstock (R-Va.) and Derek Kilmer (D-Wash.), along with Sens. Cory Gardner (R-Colo.) and Mark Warner (D-Va.), introduced the State Cyber Resiliency Act, which would fund Federal Emergency Management Agency–administered grants for cybersecurity planning and implementation.
"One of the fastest growing threats to our country is the danger posed by cyberattacks. From data breaches at retailers like Target and Home Depot to ransomware attacks on cities' transportation networks, cyberattacks post a significant threat," said Warner. "Despite the velocity of the threat, 80 percent of states lack funding to develop sufficient cybersecurity. This bill would provide grants to state and local jurisdictions so they are better prepared to take these emerging challenges in the cyber domain."
The funding would be welcome by states and localities that have recently found themselves at the center of cyberattacks. Last year, Illinois and Arizona each had voter databases hacked in attacks attributed to Russia.
“Cities manage substantial amounts of sensitive data, including data on vital infrastructure and public safety systems. It should come as no surprise that cities are increasingly targets for cyberattacks from sophisticated hackers,” said National League of Cities President Matt Zone, in the launch press release. “Cities need federal support to provide local governments with the tools and resources needed to protect their citizens and serve them best."
The State Cyber Resiliency Act also encourages states to invest in the cybersecurity workforce. Last year there were more than 17,000 unfilled cyber jobs in Virginia.
According to a 2015 Ponemon Institute study, 50 percent of state and local governments faced 6 to 25 cyber breaches in the past 24 months. In the past year hackers also breached more than 200,000 personal voter records in Illinois and Arizona. Most states currently use less than two percent of their IT budget on cybersecurity.