With cyber grants dead in Congress, states scramble to build their own defenses
Cl0p is extorting executives and tech departments for up to $50m, Nursery chain hackers remove repugnant posts, UK government takes another bite at an Apple backdoor, Oz judge continues to protect Qantas lawyers from hacker retribution, Allianz says attack affected 1.5m customers, much more
As a reminder, on Tuesdays and Thursdays, the bulk of our daily newsletter is available exclusively to paid subscribers.
Please consider upgrading your subscription so that you can enjoy Metacurity's original analysis and unparalleled cybersecurity news round-ups free of pesky firewalls. Plus, you will gain unfettered access to our archives and earn my undying appreciation for helping to keep Metacurity going. Thank you!
Want to bundle your premium subscription with a Metacurity sponsorship option? Gain exposure for your announcement, product, whitepaper, or event, and we'll toss in a paid subscription at no cost. Find out more about how you can reach an elite audience of cyber decision-makers.
One hope that died when Congress failed to pass spending bills, which then prompted the federal government’s shutdown, was the reinstatement of $1 billion in state and local cyber grants created during the pandemic but killed earlier this year by the Trump administration.
The House Homeland Security Committee tried its best to include this funding in a statute extension early in September, but that extension died on September 30, as did an extension of the Cybersecurity Information Sharing Act, also known as CISA 2015.
House Homeland Security Chairman Andrew Garbarino (R-NY) said in a statement before the imminent death of both legislative extensions:
If CISA 2015 and the State and Local Cybersecurity Grant Program expire, we would lose the capabilities of two critical tools that help mitigate evolving cyber threats by sophisticated adversaries. In both the short and long term, I am committed to finding the best path forward alongside my colleagues in the House and Senate to reauthorize and enhance these essential authorities.
The death of the state and local grants followed a March White House executive order that shifted the responsibilities of cyber emergency preparedness from the federal government to state and local jurisdictions. But the Trump administration failed to provide any additional funding for the increased duties, which cash-strapped state and local governments can scarcely afford.
It's possible that in a few weeks, Chairman Garbarino might get his way and find a new vehicle to restore the cyber grants when the government re-opens. But, “States are not waiting around for that stuff,” Mike Hamilton, field CISO of Lumifi Cyber, former CISO of Seattle, and former vice-chair for the DHS State, Local, Tribal and Territorial Government Coordinating Council, tells Metacurity.
