Senate passes almost $2 billion in cyber security funding
State and municipal governments get security cash injection
The Infrastructure Investment and Jobs Act, which allocates $1.2 trillion in infrastructure spending across the US, made it through the Senate on Tuesday and now goes to the House of Representatives.
The legislation, which enacts some of the provisions in the president's Build Back Better strategy, includes initiatives for improving cyber security across multiple infrastructure areas, including mandates for municipal water and electricity.
The lion's share of the cyber security funding landed in the infrastructure bill via another piece of legislation, the State and Local Cybersecurity Improvement Act. This provides the funds over four years via a Department of Homeland Security (DHS) grant to bolster state, local, and tribal government cyber security. This funding will be administered by the Federal Emergency Management Agency (FEMA).
Under the Act, states must distribute at least 80% of the funds to local governments, including 25% to rural areas. Those local governments must submit a cyber security plan to the Cybersecurity and Infrastructure Security Agency (CISA), the cyber security arm of the DHS.
Senator Maggie Hassan (D-N.H), who negotiated the cyber security bill, said the funding was key to preserving national security.
"A cyberattack on a state or local government network can put schools, electrical grids, and crucial services in jeopardy,” she warned.
“Even though cyberattacks are becoming more and more common in today’s threat landscape, state and local governments often do not have the adequate resources to defend against them. This new grant program will be a crucial resource for state and local governments, and I am very pleased that it is a part of our historic bipartisan infrastructure bill."
Other cyber security measures included $250 million on a program to secure municipal and rural electrical utilities over five years and $250 million to secure the electrical grid. Another $100 million is earmarked for operational security reports and modeling energy infrastructure risk.
Another bill, the Cyber Response and Recovery Act, carves out $20 million per year from 2022 to 2028 to deal with major cyber security incidents. The infrastructure package also allocates $150 million for the DHS to spend on cyber security research. The office of National Cyber Director Chris Inglis, who was confirmed in June but had not yet received funding, gets $21 million as part of the package.
Modern governance: The how-to guide
Equipping organisations with the right tools for business resilienceFree Download
Cloud operational excellence
Everything you need to know about optimising your cloud operationsWatch now
A buyer’s guide to board management software
How the right software can improve your board’s performance
The real world business value of Oracle autonomous data warehouse
Lead with a 417% five-year ROIDownload now