Michigan Republican Gov. Rick Snyder has signed a bill into law that will expand the reach of a highly trained group of volunteer cybersecurity experts from the public and private sectors.
The volunteer team, called the Michigan Cyber Civilian Corps, MiC3, has been around for three years, but has never been deployed because it could only be activated if the governor declared a state of cyber emergency, which hasn’t happened.
With the new law, called the Cyber Civilian Corps Act, the team is now designated in statute and doesn’t need a state of emergency to be called into action. That means it can step in, when requested, and provide technical assistance if the state gets hit by a cyberattack or data breach. The law also broadens the team’s reach to allow it to help local governments, nonprofits and businesses across the state.
The new law, which became effective Thursday, requires that corps volunteers undergo criminal background and FBI checks. It also includes a good Samaritan clause, which provides them with civil immunity if they give advice or make a decision that inadvertently causes harm.
Michigan officials hope the volunteer corps of cybersecurity experts from government, education and private industry, which is believed to be the first such group in the U.S., can serve as a national model. They liken it to volunteer firefighters.
State information technology officers are increasingly concerned about sophisticated efforts to breach their systems. In recent years, hackers and cybercriminals have relentlessly targeted state and local government networks, which contain information such as Social Security, bank account and credit card numbers on millions of people and businesses.