Bill > SB244

This bill modifies Maryland's cybersecurity infrastructure by updating the responsibilities of key state entities, particularly the Cyber Preparedness Unit in the Maryland Department of Emergency Management and the Office of Security Management in the Department of Information Technology. The bill expands the Cyber Preparedness Unit's role in supporting local governments by developing an online database of cybersecurity training resources, assisting with cybersecurity preparedness and response plans, and helping local governments identify and acquire resources for vulnerability assessments. The Office of Security Management's duties are also enhanced, including developing new standards for information categorization, establishing security requirements, managing security awareness training, and providing technical assistance to localities. The bill introduces a new annual reporting requirement where the Office must submit a detailed report to various state committees, specifically focusing on the state's cybersecurity expenditures relative to overall information technology spending and providing recommendations for budget improvements. Additionally, the bill updates the Secretary of Information Technology's responsibilities to include implementing and maintaining information technology policies and a statewide cybersecurity strategy that centralizes management of cybersecurity efforts within the state's executive branch. The bill is set to take effect on October 1, 2025, and aims to strengthen Maryland's cybersecurity preparedness and response capabilities across state and local government levels.

Education, Health and Social Services

Education, Energy, and the Environment (S)

https://mgaleg.maryland.gov/mgawebsite/Legislation/Details/SB0244?ys=2025RS