May 11, 2012

To: 
U.S. Senate Leadership
U.S. House of Representatives  Leadership
U.S. Senate Committee on Commerce, Science, and transportation
U.S House Committee on Energy and Commerce
U.S. Senate Committee on Homeland Security and Governmental Affairs
U.S House Committee on Homeland Security
Congressman Mac Thornberry

 

Dear Senator/Representative:

As recent congressional testimony has made apparent, the security of the nation’s information infrastructure is quickly becoming one of the most serious threats our country faces. In order to combat this growing threat, all levels of government and a broad range of stakeholders including the private sector must work together to devise appropriate solutions.

As you develop cybersecurity legislation during this session, the undersigned organizations wish to impress upon Congress the importance of considering some key principles and values.

1.      State and local governments must be viewed as critical stakeholders in national cybersecurity efforts. Both execute programs overseen and funded by federal agencies, and frequently are custodians of federal data. They also operate and manage critical infrastructure including data centers and networks which are necessary for basic homeland security and emergency management functions. Therefore, the federal government must work with state and local government to share threat information and to provide technical support to protect computer networks and other related critical infrastructure. 

2.    The federal government must avoid unfunded mandates on state and local partners. Public budgets are still strained at all levels of government, and while state and local stakeholders wish to contribute to the overall cybersecurity effort, the ability to independently fund initiatives at this time is unlikely. Likewise, federal program requirements and directives have traditionally hindered state and local governments from potentially achieving economies of scale.

3.      Federal, state and local governments should collaborate to invest in cybersecurity awareness, education and training for public sector employees, contractors and private citizens. 

4.      The civil liberties and privacy of all citizens must be maintained while also establishing the safety and stability of the internet and electronic communications. This is especially critical as governments continue to expand online and electronic services. Safeguarding public sector data that includes personal information of citizens will require cooperation and collaboration on data standards and cybersecurity methodology at all levels of government.

5.      Many federal initiatives fund internet and information security programs. However, without cross-cutting communication and coordinated assets, the efforts will not realize maximum efficiency and impact. If there are privacy and security requirements that are preconditions of federal programs and funding they must be uniformly interpreted and implemented across all agencies and levels. 

The combined capacity of federal, state, and local governments to adequately safeguard the Nation’s critical infrastructure systems remains essential to ensuring effective operations across the full spectrum of the threats we face. Furthermore, in order for communities to effectively manage emergency situations, cyber systems must be resilient to acts of terrorism, attacks, and natural disasters.

Thank you for the opportunity to comment on this critical effort currently underway in Congress. As you develop the legislative strategy moving forward, we hope you will seriously consider these principles and the impact on state and local officials. 

Should you have any questions or require additional information, please contact Matt Cowles, Director of Government Relations for the National Emergency Management Association at 202-624-5459.

 

Sincerely,

American Public Works Association
Council of State Governments
International City/County Management Association
National Association of Counties
National Association of State Chief Information Officers
National Association of Telecommunications Officers and Advisors
National Conference of State Legislatures
National Emergency Management Association
National League of Cities
U.S. Council of the International Association of Emergency Managers (IAEM-USA)