Bill > HB1239

This bill establishes a new Critical Infrastructure Protection Branch within the Maryland Coordination and Analysis Center (MCAC), which is a state entity focused on analyzing threats and sharing information. The bill defines "critical infrastructure" as vital physical or virtual assets, systems, and networks whose disruption would significantly harm national security, economic security, public health, or safety, including hospitals and healthcare facilities. The new branch will be led by a Chief Critical Infrastructure Officer responsible for administering the branch, directing statewide security efforts, and coordinating with various government offices, industry partners, the National Guard, and the Department of Information Technology. The branch will identify threats, prioritize critical infrastructure assets by assessing their vulnerability to cyber and physical attacks, and support the remediation of identified weaknesses by connecting asset owners with resources and funding opportunities, while also fostering shared learning and best practices. The Department of Emergency Management will coordinate responses to attacks on critical infrastructure, focusing on the cascading impacts, and the Department of Information Technology will allow critical infrastructure owners and operators to join the Maryland Information Sharing and Analysis Center (MISAC) and will provide them with cybersecurity reporting standards. The bill also clarifies that it does not override existing cybersecurity regulations.