Maryland Gov Hogan Signs Three Cybersecurity Bills to Fortify State, Local Government Entities
Maryland Governor Larry Hogan has signed a number of measures to fortify cybersecurity defenses at the state’s and local governments’ agencies and other entities against cyber attackers.
Last month, Maryland lawmakers approved roughly $570 million for cybersecurity and information technology upgrades including some $200 million for cybersecurity and $330 million for information technology development projects.
“Today we are signing into law bipartisan legislation to continue solidifying our standing as the cyber capital of America, and further strengthen our infrastructure to protect Marylanders against cyberattacks,” Hogan said at a signing ceremony.
Here are the highlighted cybersecurity bills Hogan signed:
- One of the new laws, SB812, establishes the chief information security officer (CISO) as a permanent role in state government, nominated by the governor and confirmed by the state Senate. The CISO is tasked with setting statewide cybersecurity policies, including incident reporting requirements for agencies and local governments. The measure includes creating an information sharing and analysis center for sharing intelligence across state and local entities.
- A second bill, SB754, is intended to help local governments, school systems and health departments leverage the cyber preparedness unit within the Maryland Emergency Management Agency for more resources and assistance. The agency will support local governments in developing vulnerability assessments and response plans.
- A third measure, HB1205, mandates that any water and sewer system both publicly and privately operated serving at least 10,000 customers that receives financial support from the state conduct vulnerability assessments and file cybersecurity plans with Maryland officials.
State and local governments are fertile ground for hackers. In November 2020, cyber hijackers took over Baltimore county’s school system networks, and roughly a year earlier, ransomware kidnappers hit the city of Baltimore using the RobbinHood malware to shut down most of the city’s servers and some government applications.