As a part of the $944 billion funding package meant for the nation’s infrastructure, including the electric grid, water systems, roads and bridges, airports, and ports, among other priorities, the US Senate allocated $1.9 billion for cybersecurity. The bipartisan Infrastructure Investment and Jobs Act was passed on Tuesday, August 10, in a 69-30 vote.
Some of the cybersecurity initiatives the funds are to be used for include protecting critical infrastructure and securing it, financing a key federal cyber office, and helping vulnerable organizations develop and implement effective defense strategies.
Many sectors of the US critical infrastructure were forced to migrate online due to the COVID-19 health crisis. As a consequence of many services moving to the online space, there has been a surge in attacks launched by cybercriminals. In this context, the legislation forms a part of a broader aim to improve overall infrastructure resilience.
“A cyberattack on a state or local government network can put schools, electrical grids, and crucial services in jeopardy. Even though cyberattacks are becoming more and more common in today’s threat landscape, state and local governments often do not have the adequate resources to defend against them. This new grant program will be a crucial resource for state and local governments, and I am very pleased that it is a part of our historic bipartisan infrastructure bill,” said Senator Maggie Hassan of New Hampshire, a key person for the negotiations who insisted the funds be allocated for this purpose.
The legislation appropriates $1 billion for the State and Local Cybersecurity Grant Program at the Department of Homeland Security, meant to provide funding for state and local governments to deal with cybersecurity risks and threats over the next four years.
Another bill that forms a part of the Senate-approved infrastructure funding package is the Cyber Response and Recovery Act. The legislation allocates $100 million ($20 million annually for five years) to establish the Cyber Response and Recovery Fund. The fund is meant for federal, state, local, tribal, and private entities to request reimbursement and seek technical assistance with repairing structural damage and recovering from data loss after enduring significant cyberincidents.