Bill > SB2654

This bill establishes a State Security Operations Center (SSOC) within the Mississippi Department of Information Technology Services (ITS) to serve as the operational arm for statewide cybersecurity, working alongside the existing Enterprise Security Program which handles strategic and regulatory aspects. The SSOC will be responsible for continuous monitoring, threat detection, incident response, and providing technical support to agencies to ensure they comply with cybersecurity policies and standards, as outlined in Section 25-53-201 of Mississippi law. State agencies are required to report cybersecurity incidents to both the Enterprise Security Program and the SSOC, cooperate with its efforts, and implement corrective actions. If an agency fails to comply, the Executive Director of ITS has the power to impose additional oversight, limit access to systems, or assess fees. The SSOC is also authorized to collaborate with various entities, including federal agencies and educational institutions, to enhance cybersecurity and develop a skilled workforce, and must submit an annual report detailing its operations and challenges. The Executive Director of ITS is empowered to create necessary rules and procedures, and the bill clarifies that these new provisions do not alter existing cybersecurity authorities or the functions of the Chief Information Security Officer or the Enterprise Security Program.