00:00I recognize the gentleman from Rhode Island, Mr. Magaziner, for five minutes of questions.
00:04Thank you, Chairman. The state and local cybersecurity grant program is an essential
00:09resource to help states and municipalities protect themselves against cyber attacks. This grant
00:15program helps secure critical infrastructure like schools, hospitals, electric grids,
00:21water systems. And in my home state of Rhode Island, it has been instrumental in providing
00:27cybersecurity training, for example, for staff at state agencies and municipalities so they can
00:32better protect taxpayer data, securing schools and academic institutions from ransomware attacks,
00:38and protecting critical infrastructure from being infiltrated by hackers.
00:43I am concerned by reports of potential delays and cuts to these grants by the Trump and Musk
00:49administration, and I'm glad to see that, at least on this subcommittee, there appears to
00:53be bipartisan support for continuing the program in a robust form. But you would forgive us for
00:59being concerned, because in addition to the reports of delays, we have heard that the Trump
01:06and Musk administration has been firing staff at CISA and at FEMA, the two agencies responsible for
01:13administering this program. And we have also heard from Secretary Noem herself that she plans to,
01:20quote, eliminate FEMA and significantly shrink CISA. She said that in her Senate confirmation
01:27hearing. This would be a tremendous mistake. The threat that we face from foreign malign actors,
01:36from criminal organizations, to critical infrastructure, to cybersecurity,
01:41to our cybersecurity, are immense. The Chinese are working overtime, putting tens of thousands
01:46of people toward trying to infiltrate every system, even in the smallest towns in this country.
01:51Same with the Russians, same with the Iranians, the North Koreans, and of course, criminal cyber
01:56gangs as well. We've had significant breaches in Rhode Island as a result. This is not the time
02:02to take our foot off the gas, as the Secretary said was her intention during her Senate confirmation
02:09hearing. And unfortunately, this is part of a pattern, because when she was governor of North
02:13Dakota, Secretary Noem was one of only two governors in the entire country to refuse to accept
02:19state cybersecurity grants in 2022. Her administration called them, quote, wasteful spending.
02:25In 2023, yet again, she was now the only governor in the entire country to refuse these grants for
02:32her home state. And of course, we have seen that the administration is not off to a great start
02:38with its own cybersecurity practices, with service members' lives being put at risk from
02:47confidential information being discussed in an unsecured group chat, and of course, Elon Musk's
02:53army of unvetted interns going through everybody's personal data with very little transparency. But
03:01given that backdrop, it is more important than ever that Congress send the message that
03:07cybersecurity still matters to us, that we do not consider it to be wasteful spending,
03:12and particularly we want to continue to support states, municipalities,
03:18utilities in our home states with this program. So I have limited time, but Mr. Fuller, can you
03:26elaborate on any reports of delays, cuts or pauses to this program?
03:33What have you seen so far, and what would the negative consequences be?
03:38Thank you, and I appreciate your point that there's a lot of bipartisan support for this
03:42program to continue. Certainly the risk doesn't take politics into account. One of the concerns
03:49we have about the program is some of our states chose not to participate because they were afraid
03:55that the funding would not continue on, and they were afraid to launch a program that might then
03:59get cut, and that created some hesitation for some states. For us, we're all in with the program,
04:06and it has been extremely beneficial. I mentioned in my testimony we've blocked seven
04:10major attacks in the last six months alone, and so we would hope that the funding could
04:19be extended by Congress without delays. Those delays could cause serious problems in adoption
04:24of the program. Thank you, and Mr. Raymond, if FEMA is eliminated and CISA is significantly cut,
04:31as Secretary Noem has promised, what impact would that have on the ability of your state and others
04:39to maintain strong cybersecurity and take advantage of programs like this one?
04:44I do believe that FEMA and our emergency management in Connecticut, along with CISA
04:50on the security side, have been great partners with us on this cyber battle.
04:56State and local governments are not prepared to fight this kind of cyber engagement with
05:04foreign nations. I would say in combination with the reductions to MS-ISAC and CISA support,
05:14additional responsibilities are falling on the states to fight these battles. Should further
05:21reductions, or FEMA reductions for that matter, be put in place, I would say it would diminish
05:28our ability to help the municipalities that are part of our jurisdiction and defend on behalf of
05:34the state. All right, thank you. I'm over time, so I'll yield back. The gentleman yields back.
Comments