Perspectives from Partners: Nat'l Conference of State Legislatures (NCSL)

By Yejin Jang posted Jun 13,2016 02:55 PM


This month, we interviewed Susan Frederick, Senior Federal Affairs Counsel for the National Conference of State Legislatures (NCSL).  NCSL is supports, promotes, and advocates on behalf of its state legislator membership. In March 2016, NCSL established their first Cyber Task Force which will operate for two years. NCSL’s Cyber Task Force will focus on cyber issues confronting state government.

Could you describe the typical day for a state legislator?

As you probably know most legislatures are part time bodies that only meet for certain parts of the year. I would say there are two separate days and lives – there’s a day in the life of the legislator while in session and day in the life when out of session. Generically speaking, when in session, your days are consumed with a combination of committee hearings, constituent meetings, advocacy group meetings, caucus meetings, meetings with your colleagues, staff briefings, and even bill drafting sessions (where if you’re going to introduce or amend a bill, you’re working on the bill with your staff). On session days, you are at the capitol debating and voting on bills. On committee days, you are in committee hearings discussing or marking up bills before they go to the floor of your chamber.

If you’re the chair of a committee, you’ve got committee responsibilities in addition to your responsibilities as a legislator representing your specific district. So you’re going to have a different set of meetings and hearings with committee members, constituent groups and advocacy groups that are focused on the issues coming forward in your committee.  You may also be asked to give speeches at various functions and meetings. If you’re a legislative leader, you can then add on to that with leadership meetings, caucuses, determining party platform goals for your state and party. Meetings with the governor or governor’s staff also occur and that’s a rough snapshot of a day in session.

Due to the brevity of many legislative sessions and the large volume of legislation to be considered, legislators pack a lot of activities into their days. The work does not stop at 5 p.m. Legislators’ evenings may be consumed with more meetings, fundraising (in election season), constituent dinners, advocacy group events and those kinds of things. Sometimes, particularly towards the end of a legislative session, floor debate and votes can carry over into the late evening as legislators work to get their bills passed.

When you’re out of session you are still maintaining a district office. So you’re checking in with your district office, you’re handling constituent emails, meetings, and events related to your district and issues important to constituents in your district. And you also have your day job so whatever that may be – lawyer, businessman, farmer, retired person, teacher – [legislators] come from all walks of life. It’s a very, very busy vocation and it takes a special person who commits to holding state legislative office because it is truly someone who believes in public service and wants to do more for the public good.

Speaking of hearings, could you tell us about the different types of hearings, when they’re called and why?  

There is a period before a legislative session begins – it’s called the bill drop period – and it’s that period of time usually a month or two before the session where legislators who wish to introduce legislation on a particular issue of interest, formally put their bill into the system. Every bill is then referred to one or more committees of jurisdiction. After all of the bills are referred, committee chairs and ranking members have discretion to determine which of those bills that have been introduced will receive a committee hearing. If there are many bills introduced that address the same issue, chances are high that the issue will get a hearing. If a bill is consistent with the Speaker or Senate President’s agenda, that bill or bills will get a hearing.

 What bills are actually chosen to move forward? There are political considerations – if the chair has introduced a bill, that chair will schedule a hearing and markup of their bill. If there are a lot of bills introduced by the majority party – those are usually the bills that receive a hearing. If there are bipartisan pieces of legislation that have significant number of republican and democrat co-sponsors, [that bill] will get a hearing or that topic would get a hearing.

[In addition to legislative hearings,] there are also oversight hearings. Legislative committees call oversight hearings for various reasons, but the goal is to determine what their executive branch agencies are doing and how successful they are at doing it. Are there budget issues in a particular agency? Are there internal problems that need to be fixed?  Executive agencies, when called to an oversight hearing, have the responsibility of preparing information for legislators to know how [the agency] is doing. Where are your successes and failures? What are your obstacles? How can we help you? [This happens through the] oversight hearing process. There are also appropriations or budget hearings where legislators on an appropriations or budget committee determine funding for state government agencies and localities.

Tips for CIOs when at hearing – and tips for CIOs as they build relationships with legislators?

It’s very important to establish a good highway of information between the agency and the legislators who have oversight and appropriations or budget responsibilities for that agency. I also think it’s important to establish communication with leadership in both chambers. You will find that legislators like to be informed [but] they don’t always know how to seek out the information. They’re not always available to come to you so going to them is a very good way of staying in touch. Meeting with a legislator’s chief of staff or legislative director or aide well before an oversight or appropriations hearing is very important.

I think one of the things we learned about legislators and the cyber world is that there isn’t a lot of communication that goes back and forth and legislators don’t derive the bulk of their [cybersecurity] information from those who hold expertise on the subject. They learn it from the popular press, and that’s a problem. As a CIO, if you don’t have an ethical responsibility to inform you should have a moral responsibility to inform the people who are in charge of appropriating money for your budget, conducting your oversight hearings, and making sure that you have what you need to do your job effectively. It is very important to establish that communication and to – in a professional way – express what you need and work within the system to get that.

Communication on cyber issues must be conducted regularly. It should be a recurring item on [the CIO’s] calendar, every month or two months or every quarter, even. Go in and talk to people who need to know what you’re doing. It will make your oversight hearing go much more smoothly if there’s already an understanding of what’s going on. Nobody likes bombshells dropped in a public forum on either side. It’s no good. You have to talk. You have to send reports. You have to utilize whatever means you have to reach out to the legislative branch. Make them pay attention to you. Communication efforts should not stop at the end of session, but should continue throughout the year.

[Legislators] work in 15 minute increments. Especially when they’re in session, they’re super busy. And if you have a state with a very short legislative session like Virginia or Florida, you’ve got 60 days which isn’t a lot of time. If you’re in a larger state, your time is even more compressed.

Let’s talk about outside the legislature for just a moment – if you happen to work in the same field as one of your legislators, if you live in somebody’s district, if you are aware of them through community activities – use that as an opportunity to humanize yourself. We’re not just all about the money and the resources. [Legislators] are people and their job is to reach out and be aware of issues that are important in the state. Be creative with your outreach. It will go miles toward creating a good relationship.

How do legislators view cybersecurity?

The issue of cybersecurity is gaining traction in states. I think the primary issue is educating legislators on what the priorities for cybersecurity within state systems ought to be which is where the role of CIOs is very useful. CIOs are in control of that information so it’s important to put that out there. I don’t know how big the CIO offices are – [but] if CIOs have an office with staff, maybe you do a cyber newsletter or a cyber update. Maybe [CIOs could] put it in writing and follow up with an in-person meeting.

Legislators want to know more about a lot of different things in the cyber field. They want to know how to retain a workforce. How do we get qualified people to want to come work for state government and stay with that special skillset that you need to engage in this field? Additionally, you have to have the right education and training. There are state universities that maybe need to implement cyber degrees – that is something that the legislature can play a role in. What does that curriculum need to look like? Education and workforce development are big issues for legislatures.

Another issue is in the public safety field – cyber crime – how do we protect our systems from cyber hacking and acts of cyber terrorism? What are the necessary tools that we need to do that? Who’s in charge of getting those tools? How do we know we’re getting the right tools? Who will teach our employees how to prevent system corruption while on the job? Somebody help us! [Legislators] are interested in learning as much as they can from private sector companies that have been down this road before and have been able to implement different software or hardware fixes. Legislators are really craving that knowledge. And there aren’t a lot of places to get it within the state. They have to go outside. Who should they be talking to on the outside? Who are the best companies positioned to address this within the state context? That’s a really hard niche to fill.

Another issue related to [public safety] is the security of our infrastructure. So many things are connected to the internet now that are state controlled. [States] are no different than the private citizen in that if we can digitize it, we will because it saves us money.  Our energy grid, our water supply, our fire and emergency response, everything is via Bluetooth, internet – those types of connections. How do we keep them safe? How do we strengthen them? Not just from cyber attack but from disasters. There’s a tornado that blows through and takes out half of your energy grid, how do you deal with that? So that’s another really important issue.

Also, risk assessment, learning where are our vulnerabilities? That helps [legislators] be more cost-effective because they don’t have a lot of money to throw at this problem. So, where are the greatest risks? Where are the greatest holes in security? Where is funding most needed and can we work with what we have? Is what we have so terrible that we can’t use it? Are there pieces of what we have that we can use? Can we dedicate them to other sources? How do we look at where our most vulnerable areas are and how do we deal with that?

What kind of new issues are emerging among legislators?

Generally, we are very focused on the new education law that just passed (Every Student Succeeds Act P.L. 114-95) and its implementation. How is that going to impact states both substantively and cost-wise? What will that mean?

Transportation is a huge issue. We are crumbling from within. So appropriations are very important – how is that going to impact states? Are we going to be able to survive and fix our bridges and roads?

Another issue is criminal justice reform. There is a big sentencing reform bill that is poised to pass in the Senate and even though that only deals with federal sentencing, states take their guidance from the feds and if they’re streamlining and changing processes, there’s a very high chance that some states will look at their [laws] and say, “oh yeah we need to fix that, too” and make it look more like the federal law even though [states are] not mandated to do so. Good ideas are good ideas.

The opioid issue is huge. Legislators have been passing good samaritan laws which allow both EMS and first responders and even in certain number of states, the average citizen, to have the ability to address someone who is suffering from an overdose and help them recover without dying. So that is a huge issue.

Taxation issues are important. Internet sales tax issue continues to be a priority for our organization – RTPA (Remote Transaction Parity Act). That’s always a perennial priority.

Resources Mentioned in this Article

NCSL Cyber Task Force

NCSL 50-State Searchable Bill Databases

NCSL Comments on the Remote Transaction Parity Act

NCSL Summary of the Every Student Succeeds Act, Legislation Reauthorizing the Elementary and Secondary Education Act