Their Biographies, Issue Positions, Voting Records, Public Statements, Ratings and their Funders.

State and Local Cybersecurity Improvement Act

Floor Speech

Date: Sept. 30, 2020
Location: Washington, DC


Mr. RUPPERSBERGER. Mr. Speaker, I thank the gentlewoman for yielding.

Before I start, I want to acknowledge the gentlewoman's leadership position. I was sitting in my chair--I have been dealing with cyber issues for a long time--and when I heard Mr. Joyce agree with the gentlewoman, I almost fell out of my chair, but I didn't. I really applaud both Members for working together.

Cyber issues are some of the most important national security issues that our country faces, internationally and also within our country, and coming together like this is how we get things done for our constituents. I hope people on both sides of the aisle observe what these Representatives are doing. That is the way we need to go.

First, as a former Baltimore County executive, I am well aware of the problems that State and local governments face on a daily basis. They are where the rubber meets the road and the source of many of the critical services our constituents rely on, which includes schools, law enforcement, parks, fire, and libraries.

Yet, according to the National Association of State Chief Information Officers, nearly half of all States do not have a dedicated cybersecurity line item in their budget. In fact, most State cybersecurity budgets are between 0 and 3 percent of their overall information technology budget.

While some support from the Federal Government does exist already, less than 4 percent of current Homeland Security Grant Program funding has been allocated to cybersecurity needs at the State and local level. As we have seen from recent cyberattacks on many American cities and States, this is simply not enough.

Last year, there were at least 24 public-sector ransomware attacks, including a ransomware attack in Baltimore, my hometown, that is expected to cost more than $18 million in remediation. A separate attack in 2018 temporarily disabled Baltimore's 911 dispatch system.

This is part of a growing nationwide trend. The COVID-19 pandemic has only exacerbated the threat to local governments as hackers exploit overwhelmed organizations that are increasingly dependent on digital tools. We cannot simply stand by and watch this happen. We can and must do more.


Mr. RUPPERSBERGER. Mr. Speaker, the bill before us today establishes a program making grants available to State, local, Tribal, and territorial governments to address cybersecurity risks and threats to their information systems.

This is not a silver bullet, but it allows us to leverage Federal expertise in cyber, like that of the Cybersecurity and Infrastructure Security Agency, or CISA, to help State and local governments get their information security programs off the ground.

This bill will further empower State and local governments around the country to begin assuming the funding burden in their normal budget cycles in the future by reducing the Federal share over time.

I thank Chairman Thompson, Chairman Richmond, and all those involved for this bipartisan coalition.