On June 21, President Biden signed into law the State and Local Government Cybersecurity Act (S. 2520), a bill that codifies and strengthens the relationship between federal, state and local cybersecurity authorities. The new law directs the U.S. Department of Homeland Security (DHS) to share information and resources with state, local, Tribal and territorial (SLTT) governments to help them prevent and recover from cyberattacks, as counties are becoming targeted more frequently by hackers and other cyber criminals.

Counties carry a significant burden of responsibility in ensuring residents’ personal information, priceless historical records and critical infrastructure are adequately protected, recoverable, and secured in the event of a breach. Over the past few years local governments have faced hundreds of cyberattacks, with attacks often threatening to expose residents’ sensitive information or shut down critical infrastructure such as 911 call centers and water treatment facilities. S. 2520 will help counties to address cyber vulnerabilities that increase the risk of successful attacks.

Under the new law, the Cybersecurity and Infrastructure Security Agency (CISA) is directed to increase the coordination of cybersecurity response with SLTT governments. The following CISA responsibilities to support SLTT governments are specifically listed in the bill is:

• Providing operational and technical assistance to address cyber incidents
• Increasing situational awareness by sharing cyber threat indicators, defensive measures and cybersecurity risks
• Providing notifications of specific incidents
• Creating a platform to share best practices and other cybersecurity standards and policies
• Working with Chief Information Officers, senior election officials, and others to coordinate effective implementation of tools, policies and guidelines to ensure system resiliency
• Assisting in developing policies and procedures for coordinating vulnerability disclosures
• Promoting cybersecurity education and awareness.

The law also codifies a sustained relationship between CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC). MS-ISAC is a coalition of governments and organizations created in 2022 that is dedicated to improving cybersecurity for SLTT governments. Membership includes all 56 states and territories, all 50 state capitals, all 79 Fusion Centers, hundreds of local governments and more than 2,500 organizations.

MS-ISAC maintains a 24/7 watch and warning center as well as a Computer Emergency Response Team that helps members with cyber incident response and provides malware, log, and forensic analysis along with reverse engineering and vulnerability assessments. MS-ISAC analysts work with CISA analysts to improve and support the nation’s cybersecurity posture; improved collaboration between the two will ensure that critical cybersecurity information is shared with SLTT governments quickly and efficiently.

To learn more about NACo’s technology initiatives and cybersecurity resources, please visit our County Cyber Priorities resource as well as the County Leadership Guide on Cybersecurity. NACo also offers quarterly cyber simulations that are designed to strengthen the county cyber defenses and response during a security incident. More information can be found here.