We urge Congress to authorize and fully fund a dedicated cybersecurity grant program to help states, territories and localities develop and implement innovative and effective cybersecurity practices to better secure our infrastructure and information; help build resources and human capital; better detect, analyze and protect against cyber threats; and enhance partnerships among all levels of government.
The Honorable Chuck Schumer
Majority Leader
United States Senate
U.S. Capitol Building, Room S-224
Washington, D.C. 20510
The Honorable Mitch McConnell
Minority Leader
United States Senate
U.S. Capitol Building, Room S-230
Washington, D.C. 20510
The Honorable Nancy Pelosi
Speaker of the House
United States House of Representatives
U.S. Capitol Building
Washington, D.C. 20515
The Honorable Kevin McCarthy
Minority Leader
United States House of Representatives
U.S. Capitol Building
Washington, D.C. 20515
Dear Majority Leader Schumer, Minority Leader McConnell, Speaker Pelosi and Minority Leader McCarthy:
The undersigned organizations, representing the nation’s state, territorial and local governments, strongly encourage the inclusion of a dedicated cybersecurity grant program for state, local, territorial and tribal governments (SLTT) in any upcoming infrastructure and appropriations packages.
Our governments remain vulnerable to cyberattacks that continue to grow in sophistication on an almost daily basis. Between 2018 and 2019 alone, known attacks on local governments rose 58.5 percent with an average ransom demand of $835,758.33. The evolution of cyber incidents, including ransomware attacks, has rapidly progressed from merely digital consequences to sophisticated strikes intended to threaten the health and safety of our nation’s citizens. Recent attacks on water treatment facilities, pipelines, hospital systems, food processors and school districts are clear evidence that cyber incidents disrupt our daily lives and jeopardize the continuity of our government.
States, territories and localities are the primary agents for the delivery of a vast array of federal programs and services to our communities. The increasing frequency and debilitating impact of ransomware and other types of cyberattacks threaten our ability to deliver these critical services to the American people. The increased sophistication of cyber criminals, the ever-changing landscape of cyber attacks, and the limited resources of states, territories and localities, create the perfect storm and render carve-outs within existing homeland security grant programs insufficient.
States, territories and localities require a dedicated cybersecurity grant program to ensure prioritization of cybersecurity and intergovernmental collaboration; to ensure stability for long term planning and resourcing; and to prevent adding yet another burden to existing programs intended to meet other needs.
While COVID-19 relief legislation has provided an opportunity for SLTT governments to improve their cybersecurity posture—primarily for securing remote work and enabling remote health and distance-learning programs— the pandemic has amplified significant vulnerabilities in our government networks, especially those operating on outdated technologies. Malicious cyber actors have used attention on COVID-19 to their advantage, further targeting government infrastructure, the health care sector and individual citizens for internet crimes, which include ransomware, phishing and computer-enabled financial fraud.
In a 2020 report the FBI found that Internet Crime Complaint Center received 791,790 complaints from Americans with reported losses exceeding $4.1 billion, a 69 percent increase from 2019. This is a problem that SLTT governments need to be addressing internally so that they are better able to support their constituents in recovering from their own cyberattacks.
We urge Congress to authorize and fully fund a dedicated cybersecurity grant program to help states, territories and localities develop and implement innovative and effective cybersecurity practices to better secure our infrastructure and information; help build resources and human capital; better detect, analyze and protect against cyber threats; and enhance partnerships among all levels of government.
We appreciate your continued support and your consideration of this request, and we stand ready to work with you on proposed legislation.
Sincerely,
National Governors Association
Governors Homeland Security Advisors Council
International City/County Management Association
National Association of Counties
National Association of State Chief Information Officers
National Conference of State Legislatures
National League of Cities
The Council of State Governments
United States Conference of Mayors
