BillTrack50 logo
Free Signup Login
Bill

Bill > HB2271

KS HB2271

KS HB2271
Removing the expiration of provisions relating to moving cybersecurity services under the chief information technology officer of each branch of government.

summary

Introduced
02/05/2025
In Committee
02/26/2025
Crossed Over
02/25/2025
Passed
Dead

Introduced Session

Potential new amendment
2025-2026 Regular Session

Bill Summary

AN ACT concerning cybersecurity; removing the expiration provisions of cybersecurity legislation; consolidating cybersecurity services under the chief information security officer of each branch; amending K.S.A. 2024 Supp. 40-110, 75-413, 75-623, 75-710, 75-711, 75-7203, 75- 7206a, 75-7208a, 75-7245 and 75-7246 and repealing the existing sections; also repealing K.S.A. 2023 Supp. 45-229, as amended by section 11 of chapter 95 of the 2024 Session Laws of Kansas, 75-7201, as amended by section 17 of chapter 95 of the 2024 Session Laws of Kansas, 75-7202, as amended by section 19 of chapter 95 of the 2024 Session Laws of Kansas, 75-7203, as amended by section 21 of chapter 95 of the 2024 Session Laws of Kansas, 75-7205, as amended by section 23 of chapter 95 of the 2024 Session Laws of Kansas, 75-7206, as amended by section 25 of chapter 95 of the 2024 Session Laws of Kansas, 75-7208, as amended by section 27 of chapter 95 of the 2024 Session Laws of Kansas, 75-7209, as amended by section 29 of chapter 95 of the 2024 Session Laws of Kansas, 75-7237, as amended by section 31 of chapter 95 of the 2024 Session Laws of Kansas, 75-7238, as amended by section 33 of chapter 95 of the 2024 Session Laws of Kansas, 75-7239, as amended by section 35 of chapter 95 of the 2024 Session Laws of Kansas, 75-7240, as amended by section 37 of chapter 95 of the 2024 Session Laws of Kansas.

AI Summary

This bill removes the expiration dates for several provisions related to cybersecurity in Kansas state government, ensuring continued implementation of comprehensive cybersecurity measures across different government branches. The bill requires each branch of government (including Insurance, Secretary of State, Treasurer, Attorney General, Judicial, and Legislative branches) to appoint a Chief Information Security Officer (CISO) who will be responsible for developing and implementing robust cybersecurity programs. These programs must comply with the National Institute of Standards and Technology Cybersecurity Framework (CSF) 2.0, with specific requirements to achieve CSF tier 3.0 by July 1, 2028, and tier 4.0 by July 1, 2030. Each CISO must ensure annual cybersecurity awareness training for all employees, coordinate annual cybersecurity audits with the U.S. Cybersecurity and Infrastructure Security Agency, and maintain confidentiality of audit results. The bill also requires integration of cybersecurity services under the chief information technology officer of each government branch and mandates that all government websites transition to ".gov" domains by February 1, 2025. Additionally, the legislation provides for potential budget reductions for agencies not complying with these cybersecurity requirements, creating a strong incentive for maintaining high security standards across state government.

Committee Categories

Government Affairs

Sponsors (0)

No sponsors listed

Other Sponsors (1)

Legislative Modernization (House)

Last Action

Senate Referred to Committee on Federal and State Affairs (on 02/26/2025)

bill text

bill summary

Loading...

bill summary

Loading...
Loading...