Bipartisan Coalition of Congressional Tech Leaders Push to Modernize State Information Technology Infrastructure as Part of Coronavirus Relief

May 22, 2020 Issues: Budget, Cybersecurity, Rhode Island, Vote

WASHINGTON – Congressmen Jim Langevin (D-RI), Michael T. McCaul (R-TX), Cedric Richmond (D-LA), and Mike Gallagher (R-WI) led a bipartisan letter signed by 25 other Representatives to House and Senate leadership requesting funding in future coronavirus relief to help modernize and secure state and local government information technology infrastructure. Langevin and McCaul are the co-founders and co-chairs of the Congressional Cybersecurity Caucus, Richmond serves as the Chairman of the Cybersecurity, Infrastructure Protection and Innovation Subcommittee of the Committee on Homeland Security, and Gallagher co-chairs the Cyberspace Solarium Commission, of which Langevin is also a member.

“In the bipartisan CARES Act, we recognized the vital role states and municipalities are playing on the front lines of this crisis and provided funding both to address COVID-specific needs and to help administer federal programs that are managed by state agencies. However, these investments are insufficient to address the significant technical challenges states continue to face, nor will they address rising cybersecurity concerns as more work is conducted remotely,” the members write in their letter.

Citing considerable issues with legacy state systems that have struggled to keep up with surging demands for services like unemployment insurance benefits, limited telework capabilities for state and local employees, and increased concern over cyber threats, the letter emphasizes the need for investments to enhance local government operations and cybersecurity.

“Increased reliance on technology broadens the attack surface that malicious actors, whether criminals, nation-state adversaries, or hacktivists, can exploit. Unfortunately, legacy IT systems often run on proprietary and no longer supported technologies and are frequently incapable of allowing even relatively unsophisticated cybersecurity controls,” the members add.

The request aligns with a recommendation from the Cyberspace Solarium Commission. The Commission, a Congressionally-chartered group that includes members of Congress and the Administration, as well as private sector leaders, released its report in March after a year of meetings. In it, the Commissioners call for incentives to encourage state, local, tribal, and territorial governments to acquire secure cloud services.

In their letter, the members lay out four principles regarding funding for state and local governments to update antiquated IT infrastructure, including maximum flexibility for systems eligible to receive funding; certification baselines and security planning requirements; consideration of local needs; and investments for the needs of today and for the future. They also note that this funding should be tied to proposals such as Richmond’s H.R. 5823, the State and Local Government Cybersecurity Improvement Act, which would provide $400 million in grants for states to address ongoing cybersecurity risks that the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) considers imminent such as those related elections.

“In this new era of increased reliance on IT systems to deliver public services, we urge you to fund state and local IT modernization initiatives as part of future coronavirus-related legislation. These efforts will enable states to rapidly scale up to meet extraordinary demand and reduce vulnerability of their networks,” the letter concludes.

Full text of the letter.