Cyber Defenses Crumble as Critical Security Programs Lapse
Ransomware attacks targeting essential services – from airports and schools to 911 dispatch centers – are escalating, coinciding with the expiration of two vital cybersecurity programs. Congressional inaction leaves America increasingly vulnerable to both criminal and state-sponsored cyber threats.
The Erosion of Cyber Information Sharing
Nearly a decade ago, Congress responded to a surge in state-sponsored hacking with the Cybersecurity Information Sharing Act of 2015 (CISA 2015). This bipartisan legislation aimed to foster voluntary cyber threat information sharing between private companies and government agencies, establishing a crucial legal framework that continues to govern data flow today.
This framework underpins the exchange of everything from classified threat alerts to real-time incident reports across vital sectors like energy, transportation, and healthcare. Without it, experts predict a potential 80% decrease in information sharing between the private sector and federal government, severely hindering national cyber situational awareness. Cyberscoop details the potential fallout.
A Stalled Reauthorization and a Dangerous Proposal
Reauthorization efforts were underway before the recent government shutdown, enjoying bipartisan support. However, the process has stalled. A particularly concerning proposal from Senate Homeland Security Committee Chair Rand Paul (R-KY) threatens to dismantle the core principles of CISA 2015. His version would strip away key legal protections – including liability safeguards and exemptions from Freedom of Information Act requests – and introduce unrelated surveillance restrictions, effectively killing the trusted framework for voluntary threat intelligence sharing.
Fortunately, a more responsible path forward exists. Representative Andrew Garbarino (R-NY), Chair of the House Homeland Security Committee, introduced the Widespread Information Management for the Welfare of Infrastructure and Government Act. This bill would reauthorize CISA 2015 for ten years and includes a vital outreach mandate to ensure that small and rural critical infrastructure operators can participate in information sharing efforts. Learn more about the Garbarino bill here.
Weakening Local Cyber Defenses
Alongside CISA 2015, the State and Local Cybersecurity Grant Program (SLCGP), created through the 2021 bipartisan infrastructure law, has also expired. Unlike CISA 2015’s focus on federal-private coordination, the SLCGP directly bolsters cyber capacity at the state and local levels.
The program has funded over 800 projects across 33 states and territories, totaling $838 million. The Government Accountability Office (GAO) reports that these funds have been instrumental in preventing attacks. For example, in Utah, grant-funded tools successfully thwarted a ransomware attack targeting a major airport and a 911 emergency dispatch center. In Maryland, the program facilitated coordinated cybersecurity efforts across 40 counties.
While not without its challenges – uneven cost-sharing and bureaucratic hurdles limit access for smaller communities – the SLCGP has demonstrably improved state and local cybersecurity readiness. State officials emphasize that these projects “would not have been possible” without the program’s funding. This aligns with President Trump’s call for strengthened state and local cyber defenses in his May 2025 Executive Order. Read the Executive Order.
With the SLCGP’s expiration on August 31, this momentum is now at risk. Without continued funding, states and municipalities – particularly those lacking dedicated cybersecurity teams – will be forced to halt critical initiatives, directly weakening the nation’s cyber posture. Representative Andy Ogles (R-TN) has introduced the Protecting Information by Local Leaders for Agency Resilience Act to reauthorize the SLCGP for ten years, but it currently lacks a dedicated funding allocation.
A robust reauthorization of the SLCGP requires more than just a simple extension. It demands sustained, stable funding over the next decade, the removal of restrictions preventing the use of funds for widely adopted cybersecurity services, and reduced cost-sharing requirements for smaller jurisdictions. The “whole-of-state” model, where state agencies coordinate shared services for local governments, must be preserved and expanded.
The House has demonstrated its commitment, passing both ten-year reauthorizations with bipartisan support and including temporary extensions in the recent continuing resolution. However, the Senate’s failure to act has resulted in an immediate lapse. Inclusion of both measures in the National Defense Authorization Act is crucial for a full, long-term extension. Anything less represents a failure to protect the American people from threats already within our systems.
What level of investment is truly necessary to secure our nation’s critical infrastructure against increasingly sophisticated cyberattacks? And how can we ensure equitable access to cybersecurity resources for all communities, regardless of size or budget?
Frequently Asked Questions About Cybersecurity Programs
What is CISA 2015 and why is its reauthorization important?
CISA 2015 is the Cybersecurity Information Sharing Act of 2015, a law that provides a legal framework for sharing cyber threat information between the public and private sectors. Reauthorization is vital to maintain this crucial information flow and enhance national cyber situational awareness.
How does the State and Local Cybersecurity Grant Program (SLCGP) benefit communities?
The SLCGP provides funding to state and local governments to improve their cybersecurity capabilities, including developing plans, conducting assessments, and adopting best practices. It’s often the first significant investment in cyber defense for many jurisdictions.
What are the potential consequences of these programs expiring?
The expiration of these programs could lead to a significant decrease in information sharing, weakened local cyber defenses, and increased vulnerability to ransomware and other cyberattacks targeting critical infrastructure.
What is the current status of the reauthorization efforts in Congress?
The House has passed reauthorization bills for both programs, but the Senate has failed to act, leading to their expiration. Their inclusion in the National Defense Authorization Act is now critical.
What is the “whole-of-state” model for cybersecurity?
The “whole-of-state” model involves state agencies coordinating shared cybersecurity services for local governments, maximizing efficiency and resource utilization.
Discover more from Archyworldys
Subscribe to get the latest posts sent to your email.