Watch on Washington – February 19, 2020

NASCIO Endorses State and Local Cybersecurity Improvement Act

On February 10, U.S. Representatives Cedric Richmond (D-LA) and John Katko (R-NY), the chairman and ranking member of the House Committee on Homeland Security Cybersecurity, Infrastructure Protection and Innovation Subcommittee, along with 12 other members, introduced H.R. 5823, the State and Local Cybersecurity Improvement Act. H.R. 5823 would create a new $400 million annual grant program to state and local governments to improve their cybersecurity posture. The bipartisan legislation, which can be found , would require states to develop cybersecurity response plans that would be submitted to the Department of Homeland Security (DHS) in order to qualify for the grants. H.R. 5823 would also establish a 15-member State and Local Cybersecurity Resiliency Committee to advise DHS on the efficacy of the grant program. 

Senate Homeland Security Committee Urged to Provide Cybersecurity Resources to State and Local Governments

On February 11, the U.S. Senate Committee on Homeland Security and Governmental Affairs held a hearing titled, “What States, Locals and the Business Community Should Know and Do: A Roadmap for Effective Cybersecurity.” Witnesses for the hearing were Chris Krebs, Director of the Cybersecurity and Infrastructure Security Agency, Amanda Crawford, Executive Director of the Texas Department of Information Resources and Chris DeRusha, Chief Security Officer in Michigan. All the witnesses agreed that the federal government should dedicate additional resources and expertise to local governments, who have been frequent target of high-profile ransomware attacks. 

Election Websites at Risk
A recent McAfee report found that election websites in more than a dozen battleground states lack basic cybersecurity functions that could allow them to be subject to hacking and misinformation campaigns. The cybersecurity firm found that across the 13 states studied only 54% of county websites had an encrypted front page and only 17% were on the DotGov domain. NASCIO has been a longtime advocate of the  of DotGov. 

NASCIO Endorses State and Local Cyber Improvement Act

click image to enlarge document

NASCIO Statement on Contractor Monitoring/Billing Verification Legislation

The National Association of State Chief Information Officers (NASCIO), which represents state CIOs, opposes all state legislation that would mandate contractor monitoring or billing verification software due to the significant risks to citizen privacy and federal regulatory compliance concerns it would create. Additionally, NASCIO remains concerned that this legislation would pose risks to state computer networks, impose unnecessary and burdensome requirements on state contractors and would lead to increased costs to the states. While NASCIO certainly supports contractor productivity and transparency, cost efficiency and successful project outcomes, legislation of this nature would introduce unnecessary risks to citizen data by essentially transferring ownership of private citizen data to a third party. This type of legislation, even through mandated pilot programs, has the potential for unintended consequences, such as impacting a state’s cybersecurity insurance policy coverage. State CIOs inherently understand and appreciate the seriousness of protecting citizens’ data, and therefore do not support legislation that would serve to increase or introduce additional risk.

Watch on Washington – February 5, 2020

Bipartisan Legislation Establishing State Cyber Coordinator Introduced in Senate
On January 22, U.S. Senators Maggie Hassan (D-NH), John Cornyn (R-TX), Rob Portman (R-OH), and Gary Peters (D-MI) introduced the Cybersecurity State Coordinator Act. The legislation would require the Department of Homeland Security to establish a Cybersecurity State Coordinator position in every state. Each state would have its own federally funded Cybersecurity Coordinator, who would be responsible for helping to prevent and respond to cybersecurity threats by working with federal, state, and local governments as well as schools, hospitals, and other entities. NASCIO and numerous state CIOs and CISOs worked extensively on the drafting of this bill. Check out the bill >

NASCIO Releases 2020 Federal Advocacy Priorities
NASCIO’s Executive Committee approved our annual list of federal advocacy priorities for 2020. These priorities include: continued harmonization of federal cybersecurity regulations, advocate for dedicated cybersecurity funding for state and local governments with CIOs as key decisionmakers, advocate for the widespread adoption of the DotGov domain for local governments, and the recognition of state authority and ongoing innovation with emerging technologies. Take a look at NASCIO’s 2020 federal advocacy priorities >

Congress Expresses Concern About REAL ID Deadline
On January 30, a bipartisan group of Senators and Representatives sent a letter to the Department of Homeland Security (DHS) for details on its plans regarding the October 1, 2020 deadline for the switch to REAL ID compliant identification cards. The letter expressed concern of the potential for nearly 100,000 Americans to be stranded from air travel. See the letter sent to DHS >

Technology Champion Award Submission Open

NASCIO’s Technology Champion Award recognizes one individual annually for outstanding contributions in the field of information technology in the public sector. The recipient champions the critical role of IT and innovation in the business and continuity of state government, and advances the belief that IT is a transformational tool that enables positive change for citizens.

Nominations are due Wednesday, February 5. Champions of state technology from any industry are eligible. Current state CIOs are not eligible for the award.

Learn More & Submit a Nominee