Bill > S42

This bill amends Chapter 7D of the Massachusetts General Laws to address cyber ransom situations by establishing two key provisions: first, it prohibits state agencies, local government entities, and municipalities from paying ransom or communicating with cybercriminals who have encrypted data and are demanding payment for decryption, which aims to discourage ransomware attacks by removing financial incentives; second, the bill requires any state agency or local government entity that experiences a ransom request during a cybersecurity incident to report to and consult with the Chief Information Officer (CIO), ensuring a coordinated and strategic response to potential cyber threats. By implementing these measures, the legislation seeks to protect public sector information technology systems from ransomware attacks and establish a standardized protocol for handling such incidents, ultimately enhancing cybersecurity resilience for government entities in Massachusetts.

Business and Industry

https://malegislature.gov/Bills/194/S42