Government Technology Staff
Senators James Lankford, R-Okla., Gary Peters, D-Mich., Ron Johnson, R-Wisc., and Amy Klobuchar, D-Minn., introduced a bipartisan bill to strengthen local government cybersecurity defenses by switching to the .gov domain for websites and email addresses.
The DOTGOV Online Trust in Government Act of 2019 directs the Department of Homeland Security (DHS) to provide resources and assistance to local governments wanting to adopt .gov web addresses. Federal and state government agencies commonly use the .gov domain, but it is not widely used at the local level. This trusted domain increases resilience to cybercrimes that frequently target local government systems.
"The Internet has become a main source of information, but you can't always trust what you read on the Internet," said Lankford. "The DOTGOV Online Trust in Government Act expands the federal government's ability to offer a city, state, county, or Tribal government the .gov domain, which will provide more communities access to safe, secure, online resources."
"Local governments are responsible for safeguarding citizens' personal data, from social security numbers and credit card information to detailed medical records," said Peters. "This important legislation will help protect the personal information of people in Michigan and across the country from hackers looking to take advantage of gaps in our cybersecurity defenses."
"The passage of this bill will ensure state, local, tribal, and territorial governments have greater access to a trusted domain and Department of Homeland Security resources, ultimately increasing the security of their websites in today's ever-changing cyberthreat landscape," said Johnson. "It will also help Americans and businesses know which government websites are legitimate and better prevent them from distributing sensitive information."
"When official government websites use the .gov domain instead of alternatives like .us or .com, it makes those government websites and email addresses more secure," said Klobuchar.
"Unfortunately, right now most county and local governments don't use the .gov domain. This allows cybercriminals to more easily impersonate government officials in order to defraud the public and get people to share sensitive information. Our bipartisan bill provides support services, security enhancements, and dedicated outreach to help state, local, territorial, and tribal governments to adopt the .gov domain, improving cybersecurity and trust in public services across the United States."
Many county and local governments do not use .gov, which allows cybercriminals to create fake local government websites and email addresses used in attacks that can trick individuals and small businesses into sharing sensitive information. For victims, it can be difficult to identify a legitimate website when a government uses .com, .org, or .us domains. Websites and emails ending in .gov are easily recognized as official and difficult to impersonate, which can help safeguard against these types of malicious attacks.
The DOTGOV Online Trust in Government Act directs the Cybersecurity and Infrastructure Security Agency (CISA), a component of DHS, to work with local governments to help them transition to .gov domains. The bill directs DHS to develop an outreach strategy and resources to help local government offices take advantage of .gov security features. The bill also helps the transition more affordable for local governments by making the change an allowable expense under DHS's Homeland Security Grant Program.
Lankford is a member of the Senate Homeland Security and Governmental Affairs Committee.