WASHINGTON, D.C. –– Last week, the Subcommittee on Cybersecurity and Infrastructure Protection convened a hearing to examine ways the federal government can better support state and local governments in deterring cyber threats, including through the Cy…

WASHINGTON, D.C. –– Last week, the Subcommittee on Cybersecurity and Infrastructure Protection convened a hearing to examine ways the federal government can better support state and local governments in deterring cyber threats, including through the Cybersecurity and Infrastructure Security Agency (CISA) and the State and Local Cybersecurity Grant Program (SLCGP). 

Witness testimony was provided by Kristin Darby, Chief Information Officer for the State of Tennessee; Colin Ahern, Director of Security and Intelligence for the State of New York; Warren Sponholtz, Chief Information Officer for the State of Florida; and Samir Jain, Vice President of Policy at the Center for Democracy & Technology. 
 
Witnesses emphasized the importance of state and local entities, many of which operate with limited cybersecurity staff, aging technology, and constrained budgets, having access to the technology, federal resources, and cyber workforce needed to help prevent and respond to cyber threats against our communities. As artificial intelligence (AI) changes the national security landscape and lowers the barrier to entry for cyber threat actors, witnesses and members discussed the need to address vulnerabilities in the information systems and operational technology that power the critical infrastructure Americans rely on every day.
 
In November 2025, the House of Representatives passed Subcommittee Chairman Ogles’ legislation, the “Protecting Information by Local Leaders for Agency Resilience Act” (PILLAR Act), to reauthorize and enhance the SLCGP for seven years. 

In his opening statement, Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andy Ogles (R-TN) reiterated the need for the federal government to support and empower cybersecurity efforts at the state and local levels amid heightened threats and the importance of reauthorizing the SLCGP:

“Artificial intelligence is changing this fight in both directions. State and local governments are beginning to use AI to detect threats faster, respond more efficiently, and do more with limited staff. But our adversaries are using those same capabilities against us, crafting more convincing phishing attacks, finding vulnerabilities faster, and carrying out operations that once required specialized expertise.”

“The core problem is a mismatch that Congress has an obligation to address. State and local governments are expected to defend against the same adversaries our Intelligence Community tracks, including China, Russia, and Iran, but with budgets and workforces that bear no comparison to what those nation-states deploy against us. A county government in rural America may not have a single dedicated cybersecurity professional. And yet that county holds sensitive data on its residents, runs systems that deliver essential services, and sits inside a network of American infrastructure that our adversaries are actively working to disrupt.”

“Unless Congress acts, that program expires this September. We should not let that happen, and we certainly should not let it happen at a moment when the threat is growing ever worse. That is why I am committed to enacting the PILLAR Act, which we passed and we sent to the Senate Homeland Security Committee. Reauthorization alone is not enough, though. We have four years of program history now, and we owe it to taxpayers to ask whether the money is being spent well, whether the structure is right, and whether the outcomes match the investment. Today is an opportunity to get honest answers from the people who have actually run these programs.”
 
Subcommittee Chairman Ogles asked how AI can be leveraged as a defensive tool against cybercriminals, to which Ms. Darby testified:
 
“AI has become an integral part of our operational readiness. The areas that we’ve seen successes are in reducing the time to react. So the speed of change is most important throughout our environment and the ability to quickly detect. And so we have seen AI tools allow us to close that response gap in ways that exponentially increase our ability to react and cover endpoints throughout not only state government, but also local government.” 
 
Subcommittee Chairman Ogles then asked about the challenges facing local governments in defending critical infrastructure networks from sophisticated adversaries, to which Ms. Darby testified:
 
“Workforce continues to be an area of challenge, just develop[ing] talent around using AI tools and understanding how the threat landscape is changing. Things are moving at a very rapid pace, and so continuing to understand that not only the State of Tennessee, but our partners, have the right resources with the right knowledge around those tool sets––and how to best apply them based on the evolving threat landscape––has been one of the areas of challenges that we continue to address.”
 
Subcommittee Chairman Ogles also asked about the importance of focusing cyber resources, including funding provided through the State and Local Cybersecurity Grant Program, on the sectors and communities that are most vulnerable to cyberattacks, to which Mr. Sponholtz testified:
 
“Our strategy in Florida has been to focus on the rural communities, the fiscally constrained communities, whether that be the state program or thefederal program. Definitely prioritize them as well as our critical infrastructure assets throughout the state––recognizing that they have difficulties being able to buy some of those kind of solutions that are critical to protect their information systems.”

Subcommittee on Transportation and Maritime Security Chairman Carlos Gimenez (R-FL) asked if cyber adversaries, such as the People’s Republic of China (PRC), have better offensive cyber capabilities, to which Mr. Ahern testified:
 
“The Federal Bureau of Investigation last year indicted approximately 15 members of an organization called i-Soon, which is a Chinese private company that was, as alleged in the indictment, used by the Chinese Ministry of State Security to conduct surveillance on dissidents overseas to obtain, you know, economically and militarily important information in the United States… They’re using their own private sector to amplify the effects of their transnational repression, their economic espionage, and their theft of intellectual property… It’s clear that our adversaries are extremely well-resourced.”
 
Subcommittee Chairman Gimenez then asked how local and state governments are incorporating AI, to which Mr. Sponholtz testified:
 
“This is something that the entire cybersecurity industry, whether it’s corporate side or government side, is paying a lot of attention to because there’s a large pending threat around that vulnerability assessment and exploit generation that will just happen so much faster than what we’re used to… We are looking at it, as I mentioned earlier, about making it so that we can operate faster, more efficiently. But I think the real answer is collaboration between state, federal, private sector to be able to develop solutions to, like you said, Congressman, fight fire with fire and use AI to be able to defend this nation and the governments within it.”

 Rep. Vince Fong (R-CA) asked how rural communities strengthen their cybersecurity posture amid risks posed by emerging technologies, to which Ms. Darby testified:
 
“Low-touch, high-impact solutions [are] what we have seen be successful across Tennessee. The rural communities have a strong commitment to increasing their cyber protection, but they don’t have the manpower. And so managed solutions and different types of automated solutions are going to be critical for those areas.”

###