BILL SUMMARY DETAILS

Florida League of Cities

Cybersecurity (Watch)

SB 1670 (Hutson) requires each local government by January 1, 2024, to adopt cybersecurity standards for all information technology (IT) and operational technology, which comply with the National Institute of Standards and Technology (NIST) cybersecurity framework that is appropriate for the size of the organization. At a minimum, these standards must include routine backups of critical information and multifactor authentication. The bill also requires local governments to: 

•Conduct vulnerability testing of its IT and operational technology at least every two years.

•Require all employees with access to a local government network to receive training when they begin employment and at intervals that will be specified by the Florida Digital Service.

•Require all local government IT professionals and persons with access to highly sensitive information to undergo intensive cybersecurity training. 

•Report all attacks on a computer or network, including ransomware attacks and data breaches to the State Watch Office within the Division of Emergency Management. "Attacks" is not defined in the bill. 

The bill directs the Florida Digital Service and the Florida Cybersecurity Advisory Council to develop the training requirements and conduct the trainings virtually at certain times of the year. Local governments will be required to report all ransomware incidents to the State Watch Office, Florida Digital Service, the Executive Office of the Governor, the Department of Law Enforcement, and the local law enforcement agency within 12 hours of discovery. The bill requires local governments to communicate with the Florida Digital Service and the local law enforcement agencies prior to paying a ransom if a ransomware incident occurs. The bill also requires the Florida Digital Service to create a checklist for local governments to utilize while responding to ransomware incidents. Finally, the bill allocates $1 million in recurring funding to Florida Digital Service to disburse funds to local governments for the training required under the bill. (Taggart)

About

Other Resources

Services

Social Media

Sign Up for Publications

Subscribe for the news, events and updates from the League.

Subscribe