HB 1033 & SB 7050-Relating to Information Technology Security
On Wednesday, February 8th, HB 1033, relating to Information Technology Security, by Rep. Frank Artiles (R-Miami) was heard before the House Government Operations Appropriations Subcommittee and passed unanimously by a vote of 9 yeas and 0 nays. AIF stood in support of this bill.

HB 1033 will put into place procedures to, hopefully, prevent/aide state agencies in the event of a cyber-attack. The bill requires the Agency for State Technology (AST) to establish standards and processes consistent with best practices for both information technology (IT) security and cybersecurity. It also requires AST to develop and publish guidelines and processes for an IT security framework to be used by state agencies. In part, the guidelines and processes must address completing risk assessments administered by a third party, establishing a computer security incident response team (team), and establishing an IT incident reporting process.

The bill requires the information security manager of each state agency to establish a team to respond to a suspected computer security incident. It also requires each state agency head to conduct a risk assessment administered by a third party by July 31, 2017; conduct IT security and cybersecurity training for new employees; ensure that certain personnel understand their roles and responsibilities; develop notification procedures for reporting IT security incidents and breaches; and improve organizational response activities.

The bill will require the Technology Advisory Council within AST to have at least one member who is a cybersecurity expert.

The bill sponsor spoke on a recent cyber-attack in South Carolina in which thousands of resident’s social security numbers have been hacked. The goal of this bill is to prevent a threat such as that in the state of Florida.

The next committee stop for HB 1033 will be in the House State Affairs Committee.

On Thursday, February 11th, SB 7050, the Senate companion to HB 1033, relating to Information Technology Security, by the Senate Governmental Oversight and Accountability Committee was heard before the Senate Appropriations Subcommittee on General Government and passed by a vote of 5 yeas to 0 nays. AIF stood in support of this bill.

This bill aims to revise the membership of the Technology Advisory Council to include a cybersecurity expert; requires the council, in coordination with the Florida Center for Cybersecurity, to identify and recommend STEM training opportunities; provides for the establishment of computer security incident response teams within state agencies and revises entities to adopt a unified state plan for K-20 STEM education to include the Technology Advisory Council.

While the House companion, HB 1033, is a bit broader, the key to this bill is the statewide requirement for security assessments by a third party and related activities under the responsibility of the AST. As the use of technology continues to grow we see the value in preventative cyber-security measures for the state of Florida.

SB 7050 will now go to the Senate Appropriations Committee.

AIF supports legislation that will bring our states cyber security measures up to date to protect Floridians and Florida’s businesses from potential cyber-attacks.

SB 1430-Relating to State Technology
On Tuesday, February 9th, SB 1430, relating to State Technology, by Senator Jeff Brandes (R-St. Petersburg) was heard by the Senate Governmental Oversight and Accountability Committee and passed by a vote of 4 yeas to 0 nays. AIF stood in support of this bill.

This bill is IT related and will provide additional authority to the Agency for State Technology (AST).  Specifically, a chief data officer within the Agency for State Technology is to be appointed by the executive director. It authorizes the Agency for State Technology to oversee the transition of various licenses and identification cards to an optional digital proof of the licenses and identification cards for a specified fee and requires the Department of Highway Safety and Motor Vehicles, in coordination with the Agency for State Technology, to develop a system for issuing an optional digital proof of driver license for a specified fee.  It also provides additional authority to the AST to establish a governance structure for the management of state data to promote openness and interoperability. 

The next committee stop for this bill will be in the Senate Appropriations Subcommittee on General Government. 

AIF supports legislative changes that will designate systems and processes to be implemented and operated at an enterprise (statewide or agency grouping) level and provide operational authority and funding to the AST.