Critical Bipartisan Legislation
“Cyberattacks have increased at a rapid pace this year and pose a persistent threat to our national security,” said Chairman Thompson. “I am pleased that the House came together to pass this critical bipartisan legislation. I look forward to working with the Senate to ensure these bills become law.” The five pieces of legislation were part of an extensive package of over a dozen homeland security bills. These bills address many of the threats the nation is facing today. In the US, state and local governments oversee water utilities and electricity, airports, schools, law enforcement, emergency rescue operations, hospitals and more. This makes government departments top targets for cyberattacks. Moreover, the Covid-19 pandemic has made things worse. Last year, thousands of US government entities, healthcare facilities and schools fell victim to ransomware attacks. Working from home, whether out of necessity or just because it is possible, will probably only increase the number of hacking and phishing attempts in the coming years.
Five New Cybersecurity Bills
All five cybersecurity bills are proposed as amendments to the Homeland Security Act of 2002. They are designed to bolster the states and governments’ cyber defense capabilities. Congressman Dutch Ruppersberger thanked colleagues for supporting this legislation. “Cybercriminals know that state and local government is where the rubber meets the road, providing essential services that we all rely on every day. This legislation will give state and local governments the resources they need. To invest in cybersecurity, protecting citizens and tax dollars.”
Cybersecurity Not Adequately Funded
According to the 2020 Deloitte-NASCIO Cybersecurity study, most states have allocated less than 3% of their total IT budget on cybersecurity. Federal agencies spend a greater percentage of their IT budget on strengthening their cyber resilience. The department of Justice spends the most. In 2021, almost a third of their IT budget (28.16%) goes to cybersecurity. The department of transportation currently spends the least. They allocated just 7.33% to cybersecurity for this year. Nonetheless, this is still more than double of what States spend. Most of the States’ budget goes to incident management, followed by awareness & training, investigation and forensics, security operations and vulnerability management. More astonishing, is that only 18 states have a separate cybersecurity budget line item. (There are fifty States in total, plus Washington DC). Just a minority of these states have increased the cybersecurity budget since 2018. The most important source of funding is the US Department of Homeland Security, providing 46% of the budget. 19% originates from business or program stakeholders.