Legislation is Getting Real

At least 45 states and Puerto Rico introduced or considered more than 250 bills or resolutions that deal significantly with cybersecurity.

In case you still doubt whether legislation is coming, whether you participate or not, here’s an update.

The NSITSP Legislative Committee has been working hard on two fronts. One is to begin preparing documents and training so that we can help members talk to their state legislators (and staff) about cybersecurity and the role of the MSP or ITSP. The other is to begin examining exactly what the states are up to.

Almost every state has now formed a committee with “cybersecurity” in the title. And since the role of legislators is to legislate, you can see that they’re looking at some thing. In today’s meeting, the Committee shared some great links to current activities in their chat. I thought I’d share with you.

Keith Nelson provided the juiciest link. The National Conference of State Legislators is an information-sharing organization for all the state legislators and their staff. And here’s the most recent report of 2021 activities:

https://www.ncsl.org/research/telecommunications-and-information-technology/cybersecurity-legislation-2021.aspx

Here’s the chewy goodness from that post:

  • At least 45 states and Puerto Rico introduced or considered more than 250 bills or resolutions that deal significantly with cybersecurity.

The most commonly-address issues are:

  • Requiring government agencies to implement cybersecurity training
  • To set up and follow formal security policies, standards and practices
  • To plan for and test how to respond to a security incident
  • Regulating cybersecurity within the insurance industry or addressing cybersecurity insurance
  • Creating task forces, councils or commissions to study or advise on cybersecurity issues
  • Supporting programs or incentives for cybersecurity training and education.

The really good news: Most of these actions represent opportunity to IT Service Providers who are up to spec on security and up to speed on training and other offerings. This is also a great opportunity for us to get in touch with these legislative bodies and provide meaningful training to their constituents. It would be great be known, and know as positive contributors, before we have an “ask” for a legislative body.

Many legislative bodies are also beginning their self-education on these issues. See links below. We are moving forward to begin basic training on what it takes to begin interacting with legislators and their staffs. Stay tune for specifics, but we’re planning a Zoom meeting on this training for January.

Bottom Line: Legislation IS coming. You can either participate and try to affect it, or you can sit on the sidelines and watch the parade go by.

Join Us! Become a Professional Member Today! https://www.nsitsp.org

—–

Links:

https://www.startribune.com/new-legislative-commission-begins-work-on-studying-minnesotas-cyber-defenses/600121305/

https://www2.illinois.gov/sites/doit/Strategy/Cybersecurity/Documents/CyberSecurity-Strategy-2021.pdf

http://www.statescape.com/resources/legislative/legislative-process/

https://guides.library.illinois.edu/c.php?g=347254&p=2342631

🙂