Proposed legislation would extend the federal Continuous Diagnostics and Mitigation program to state and local governments to help them strengthen their cybersecurity.
State and local governments may be able to take advantage of the Cybersecurity and Infrastructure Security Agency’s Continuous Diagnostics and Mitigation (CDM) program, which currently provides real-time, continuous network monitoring of federal agency networks.
The bipartisan Advancing Cybersecurity Through Continuous Diagnostics and Mitigation Act, introduced by Sens. Maggie Hassan (D-N.H.) and John Cornyn (R-Texas), includes a pilot program that would make additional cyber defense resources available to state and local governments to help them strengthen their cybersecurity.
The bill requires the secretary of the Department of Homeland Security to establish a pilot with at least five state, local, tribal or territorial governments that promotes the use of CDM technologies. The pilot would advocate a zero trust security model, make services as simple and affordable as possible and provide technical assistance for integrating CDM products and services into state and local government systems.
According to the bill, the pilot may not require participants to use specific tools, but it allows them to select and integrate solutions that meet program objectives. Training and integration assistance would also be available.
At the end of the pilot, the DHS secretary would assess the costs, benefits and replicability of a permanent CDM program for state, local, tribal and territorial governments as well as the readiness of participants in a report to Congress.
The bill also calls for codifying the CDM program, establishing policies for reporting cyber risks and incidents based upon data collected and ensuring the program evolves with changes to the threat landscape and advances in technology such as cloud computing and comprehensive cloud security controls.
“Cyberattacks pose a grave threat to our national security and our economy,” Hassan said in a statement. “Our bipartisan bill will help the federal government stay on top of emerging cyber threats, as well as provide critical resources to state and local governments to help strengthen their defenses.”
The two senators previously worked on legislation that created cybersecurity coordinator in every state to help federal, state, and local governments, as well as schools, hospitals, and other entities, coordinate and better protect their systems against cyberattacks.
NEXT STORY: NJ mulls cyber incident reporting