New Law Reinforces Cybersecurity Protections for State and Local Governments
WASHINGTON, D.C., June 23, 2022 – This week, President Joe Biden signed into law the State and Local Government Cybersecurity Act (S. 2520), which will strengthen coordination between the U.S. Department of Homeland Security and state, local, tribal, and territorial (SLTT) governments.
Specifically, the law codifies coordination with the Center for Internet Security’s Multi-State Information Sharing and Analysis Center® (MS-ISAC ®) to provide cybersecurity services to help SLTT organizations monitor and prevent emerging cyber threats. These agencies are prime targets for hackers, who have become more aggressive and sophisticated in their tactics, and recognize the financial damage and disruption to public services they can create.
“On behalf of our members, who include all 56 states and territories and over 13,000 other state, local, tribal, and territorial government organizations, we want to thank the U.S. Congress for passing this significant legislation and the President for signing it into law,” says Josh Moulin, Senior Vice President and Acting General Manager at CIS. “We pay special note to Senators Peters and Portman who guided this bill to passage in an overwhelming, bipartisan fashion. This statute, which comes at a time when threats to our country’s critical infrastructure have never been higher, codifies a national, voluntary, cooperative collaboration that literally works 24 hours a day to keep our country safe from cyber attacks.”
The MS-ISAC has been operated by the Center for Internet Security since 2010. The ISAC is a highly regarded and trusted national community of more than 13,000 state, local, tribal and territorial organizations that share the latest cyber threats and best practices. MS-ISAC members are supported by a 24x7x365 Security Operations Center (SOC), which provides real-time threat monitoring, identification, analysis, and remediation. Members come from a variety of public sectors, including government entities, K-12 schools, public universities, public hospitals, and more.
“The MS-ISAC helps us to protect our networks and systems at a higher level than we can on our own,” says Arnold Kishi, Senior Advisor, Office of Enterprise Technology Services, State of Hawaii, and MS-ISAC Executive Committee Chair. “The information-sharing is tremendously helpful, as are the best practices and other supporting MS-ISAC resources. For smaller entities without IT departments, the MS-ISAC provides the tools and guidance to secure their networks at no cost to them. There is safety in numbers and with 13,000 members and growing, we have ongoing trust in the MS-ISAC to keep us all safe and secure, even as cyber threats escalate in frequency and sophistication. We encourage all SLTT organizations to join the MS-ISAC.”
# # #
The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center®(MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center®(EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visit cisecurity.org or follow us on Twitter: @CISecurity.